Thursday, November 30, 2023

Uber Hacked Again – Data From Uber and Uber Eats Published on Hacking Forums

It has been reported that Uber has experienced yet another data breach following a cyberattack that compromised information including:-

  • Employee email addresses
  • Corporate reports
  • IT asset information

There has been increasing evidence that UberLeaks, a threat actor claiming to have stolen data from the following two services, has begun to leak data on a hacking forum that’s well-known for publicizing data breaches like this:-

  • Uber
  • Uber Eats

In this data leak, numerous archives are included that purport to be source code relating to MDM platforms that are used by the following entities:-

  • Uber
  • Uber Eats
  • Third-party vendor services

Topics Created

It appears that the threat actor has divided the topics into four different categories:-

  • Uber MDM at
  • Uber Eats MDM
  • Third-party Teqtivity MDM
  • TripActions MDM platforms

Throughout the post, there is mention of one of the members of the Lapsus$ hacker group, who is credited with numerous high-profile attacks that were perpetrated on the internet previously.

Leaked Data Contents

Here below we have mentioned the contents of the leaked data:-

  • Source code
  • IT asset management reports
  • Data destruction reports
  • Windows domain login names
  • Email addresses
  • Other corporate information

In one of the leaked documents, more than 77,000 Uber employees’ Windows Active Directory information and email addresses are included.

Uber confirmed that the data breach is the result of a security breach on a third-party vendor, not the September attack when it was initially believed the data was stolen.

Uber also confirmed that in this data breach has leaked only Uber’s internal corporate information; in short, none of its customers have been included in the leak.

Moreover, Uber employees’ personal information can be obtained through targeted phishing attacks based on the leaked data.

Teqtivity breach exposed Uber data

In response to a recent breach of Teqtivity, Uber has announced that hackers stole its data. The company uses Teqtivity for asset tracking and asset management.

The following information was accessible to attackers through this data breach for companies using the platform:-

  • Serial Number
  • Make
  • Models
  • Technical Specs
  • First Name
  • Last Name
  • Work Email Address
  • Work Location details

There is still an investigation going on by the third party regarding this incident. As far as it’s concerned, the data they’ve seen so far has come from its systems. Since a threat actor breached into a Teqtivity AWS backup server, which is used by Teqtivity to store its customers’ information.

However, it was also verified by Teqtivity that to date, Uber’s internal systems have not been accessed maliciously by anyone.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book


Latest articles

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

CISA Warns Hackers Exploiting Wastewater Systems Logic Controllers

In a disconcerting turn of events, cyber threat actors have set their sights on...

Zyxel Command Injection Flaws Let Attackers Run OS Commands

Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products,...

North Korean Hackers Attacking macOS Using Weaponized Documents

Hackers often use weaponized documents to exploit vulnerabilities in software, which enables the execution...

Most Popular Websites Still Allow Users To Have Weak Passwords

The latest analysis shows that tens of millions of people are creating weak passwords...

Chrome Zero-Day Vulnerability That Exploited In The Wild

Google has fixed the sixth Chrome zero-day bug that was exploited in the wild this...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles