It has been reported that Uber has experienced yet another data breach following a cyberattack that compromised information including:-
- Employee email addresses
- Corporate reports
- IT asset information
There has been increasing evidence that UberLeaks, a threat actor claiming to have stolen data from the following two services, has begun to leak data on a hacking forum that’s well-known for publicizing data breaches like this:-
- Uber Eats
In this data leak, numerous archives are included that purport to be source code relating to MDM platforms that are used by the following entities:-
- Uber Eats
- Third-party vendor services
It appears that the threat actor has divided the topics into four different categories:-
- Uber MDM at uberhub.uberinternal.com
- Uber Eats MDM
- Third-party Teqtivity MDM
- TripActions MDM platforms
Throughout the post, there is mention of one of the members of the Lapsus$ hacker group, who is credited with numerous high-profile attacks that were perpetrated on the internet previously.
Leaked Data Contents
Here below we have mentioned the contents of the leaked data:-
- Source code
- IT asset management reports
- Data destruction reports
- Windows domain login names
- Email addresses
- Other corporate information
In one of the leaked documents, more than 77,000 Uber employees’ Windows Active Directory information and email addresses are included.
Uber confirmed that the data breach is the result of a security breach on a third-party vendor, not the September attack when it was initially believed the data was stolen.
Uber also confirmed that in this data breach has leaked only Uber’s internal corporate information; in short, none of its customers have been included in the leak.
Moreover, Uber employees’ personal information can be obtained through targeted phishing attacks based on the leaked data.
Teqtivity breach exposed Uber data
In response to a recent breach of Teqtivity, Uber has announced that hackers stole its data. The company uses Teqtivity for asset tracking and asset management.
The following information was accessible to attackers through this data breach for companies using the platform:-
- Serial Number
- Technical Specs
- First Name
- Last Name
- Work Email Address
- Work Location details
There is still an investigation going on by the third party regarding this incident. As far as it’s concerned, the data they’ve seen so far has come from its systems. Since a threat actor breached into a Teqtivity AWS backup server, which is used by Teqtivity to store its customers’ information.
However, it was also verified by Teqtivity that to date, Uber’s internal systems have not been accessed maliciously by anyone.
Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book