A hacking forum has four new threads believed to contain recently leaked corporate data from Uber and Uber Eats.
The company confirmed a leak, telling BleepingComputer (opens in a new tab) that data, including mobile device management (MDM) platform source code, IT asset management reports, destruction of data, Windows Active Directory information, email addresses, and "other corporate information" was stolen via a breach (opens in a new tab) on a company-owned Amazon Web Services (AWS) server of asset management and tracking services Teqtivity.
The true extent of the breach is still unknown, but a single document seen by BleepingComputer is filled with data from more than 77,000 employees, though security researchers have confirmed that this particular breach should not affect customers.
Uber safety issues
This incident is the third known breach to leak personal data from Uber in recent years.
In July 2022, LaComparacion Pro reported that Uber confessed to covering up a "major" data breach that occurred in 2016 that led to customer data, including passwords, being leaked online, putting them at risk of abuse. usurpation of identity.
This leak, however, was discovered much earlier, resulting in a €385,000 fine from the UK's Information Commissioner's Office (ICO) in 2018.
In September 2022, the company confirmed that another data breach affecting customers occurred that month, made possible by vulnerabilities in its critical endpoints. He later admitted that the hacker collective Lapsus€ gained access to his HackerOne dashboard, which provides information about an organization's digital security.
The forum posts related to the December breach refer to at least one individual member of Lapsus€. However, Uber maintains that the September and December violations are not related.
"We believe these files are related to an incident at a third-party provider and are not related to our security incident in September. Based on our initial review of available information, the code does not pertain to Uber, however we are continuing to review this issue." he said, though he said he hadn't seen any malicious or unusual activity on his own systems.
However, the latest breach raises concerns about continued reliance on cloud services offered by a limited number of companies, such as Amazon, despite security and outage concerns.
Uber employees are advised to be extremely vigilant of social engineering scams, such as phishing attacks, by malicious actors seeking to exploit the breach.