HQ/EMEAFind out how we can help your business
A dark web actor dubbed ‘UberLeaks’ has leaked data from a leading ride-hailing service Uber, involving employees’ email addresses, corporate reports, IT asset information, and other corporate information, allegedly stolen from a third-party vendor during a security compromise incident.
The hacker leaked Uber and Uber Eats’ data on an underground forum. Aside from the earlier mentioned data, other critical information leaked from the ride-hailing service were numerous archives of source code associated with the mobile device management (MDM) tools that Uber and Uber Eats use alongside their third-party vendor services.
UberLeaks posted four topics related to the data leak on the ride-hailing service.
Reports reveal that the threat actor has published four topics related to the data leak against Uber, including Uber MDM, Uber Eats MDM, Teqtivity MDM, and TripActions MDM platforms. From the analysis of the leaked data, the researchers found some documents, such as a list of employee email addresses and Windows Active Directory data of over 77,000 Uber staff.
Last September, the ride-hailing service also suffered from a data breach incident, although the management believes the recent data leak is unrelated to that past incident. Instead, Uber said it could be associated with a third-party vendor they work with.
Initially, investigations showed that the leaked data on Uber did not involve any customers and only affected the company’s internal corporate information. Moreover, there have been findings that the leaked data contains valuable information that malicious actors can use to execute phishing attacks on the affected Uber staff.
Thus, all employees are advised to watch out for potential cyberattacks, including one that could impersonate Uber IT support. The staff must also report attack attempts from suspicious senders.
On the other hand, the security incident’s association with Teqtivity revealed that an unknown threat actor obtained access to the company’s AWS backup server, where they store customer data. This incident compromised numerous sensitive data, including hackers accessing devices’ serial numbers, models, technical specifications, and make, and users’ full names, corporate email addresses, and work location details.
Uber stated that both their company and Teqtivity are still doing investigations, adding that there have not been any signs of data misuse from malicious actors. Nevertheless, employees are reminded to stay vigilant.
