Tuesday, May 28, 2024

Uber Hacked Again – Data From Uber and Uber Eats Published on Hacking Forums

It has been reported that Uber has experienced yet another data breach following a cyberattack that compromised information including:-

  • Employee email addresses
  • Corporate reports
  • IT asset information

There has been increasing evidence that UberLeaks, a threat actor claiming to have stolen data from the following two services, has begun to leak data on a hacking forum that’s well-known for publicizing data breaches like this:-

  • Uber
  • Uber Eats

In this data leak, numerous archives are included that purport to be source code relating to MDM platforms that are used by the following entities:-

  • Uber
  • Uber Eats
  • Third-party vendor services

Topics Created

It appears that the threat actor has divided the topics into four different categories:-

  • Uber MDM at uberhub.uberinternal.com
  • Uber Eats MDM
  • Third-party Teqtivity MDM
  • TripActions MDM platforms

Throughout the post, there is mention of one of the members of the Lapsus$ hacker group, who is credited with numerous high-profile attacks that were perpetrated on the internet previously.

Leaked Data Contents

Here below we have mentioned the contents of the leaked data:-

  • Source code
  • IT asset management reports
  • Data destruction reports
  • Windows domain login names
  • Email addresses
  • Other corporate information

In one of the leaked documents, more than 77,000 Uber employees’ Windows Active Directory information and email addresses are included.

Uber confirmed that the data breach is the result of a security breach on a third-party vendor, not the September attack when it was initially believed the data was stolen.

Uber also confirmed that in this data breach has leaked only Uber’s internal corporate information; in short, none of its customers have been included in the leak.

Moreover, Uber employees’ personal information can be obtained through targeted phishing attacks based on the leaked data.

Teqtivity breach exposed Uber data

In response to a recent breach of Teqtivity, Uber has announced that hackers stole its data. The company uses Teqtivity for asset tracking and asset management.

The following information was accessible to attackers through this data breach for companies using the platform:-

  • Serial Number
  • Make
  • Models
  • Technical Specs
  • First Name
  • Last Name
  • Work Email Address
  • Work Location details

There is still an investigation going on by the third party regarding this incident. As far as it’s concerned, the data they’ve seen so far has come from its systems. Since a threat actor breached into a Teqtivity AWS backup server, which is used by Teqtivity to store its customers’ information.

However, it was also verified by Teqtivity that to date, Uber’s internal systems have not been accessed maliciously by anyone.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book

Website

Latest articles

Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposesThe...

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles