Dwelling › Incident Response

Uber Knowledge Leaked Following Breach at Third-Celebration Vendor

By Eduard Kovacs on December 13, 2022

Tweet

Data apparently belonging to ride-hailing large Uber has been leaked on-line and the supply of the information is probably going a third-party IT vendor.

Over the weekend, a consumer with the moniker ‘UberLeak’ made public on a hacker discussion board a 600 Mb archive file allegedly containing 20 million data of information coming from Uber techniques.

An evaluation of the recordsdata performed by SecurityWeek exhibits supply code, inner job administration info, encryption keys, and over a dozen paperwork every containing tons of or 1000’s of Uber e mail addresses.

One spreadsheet named ‘report’ comprises what seems to be an inventory of greater than 16,000 worker names and e mail addresses. One other spreadsheet named ‘customers’ comprises the names, e mail addresses and worker IDs for over 5,000 individuals.

A really small archive file allegedly related to the Uber Eats meals supply platform was additionally leaked by the identical consumer, nevertheless it solely seems to include take a look at information.

Uber confirmed in September {that a} hacker had accessed inner instruments after an exterior contractor’s account was compromised.

Nonetheless, in an announcement to RestorePrivacy, Uber mentioned the brand new leak shouldn’t be associated to the September incident. As an alternative, it seems the information originates from IT asset administration software program supplier Teqtivity.

It’s value noting that the identical hacker additionally leaked 18 Mb and 25 Mb archive recordsdata allegedly containing information related to Teqtivity and journey administration firm TripActions. These archives seem to include software supply code.

Teqtivity printed an announcement on Monday, confirming that buyer information was compromised after a “malicious third occasion” gained entry to its techniques.

“The third occasion was in a position to achieve entry to our Teqtivity AWS backup server that housed Teqtivity code and information recordsdata associated to Teqtivity prospects,” the corporate mentioned.

Based on Teqtivity, the investigation is ongoing, however up to now it has confirmed that the uncovered recordsdata embrace gadget info akin to serial quantity, make and mannequin, and technical specification, in addition to consumer info, together with first and final identify, work e mail handle, and work location particulars. The agency mentioned it doesn’t acquire private info akin to dwelling addresses, authorities identification numbers or banking info.

Uber continues to be investigating the incident, nevertheless it mentioned the supply code doesn’t appear to belong to the corporate.

Associated: Critical Breach at Uber Spotlights Hacker Social Deception

Associated: Former Uber CISO Joe Sullivan Discovered Responsible Over Breach Cowl-Up

Get the Each day Briefing

• Most Current
• Most Learn

• Mapping Menace Intelligence to the NIST Compliance Framework
• NSA Outs Chinese language Hackers Exploiting Citrix Zero-Day
• Snyk Raises $196.5 Million at $7.four Billion Valuation
• Passkeys Now Absolutely Supported in Google Chrome
• Ransomware Group Threatens to Publish Knowledge Stolen From California Division of Finance
• New Python-Based mostly Backdoor Focusing on VMware ESXi Servers
• Twitter Responds to Current Knowledge Leak Experiences
• Uber Knowledge Leaked Following Breach at Third-Celebration Vendor
• Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw
• Proofpoint Buys Deception Tech Startup Illusive Networks

Searching for Malware in All of the Fallacious Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Laptop Says About You

Be in a Place to Act By means of Cyber Situational Consciousness

Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice 12 months To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

The way to Establish Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Engaging

The way to Defend Towards DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

Orbit Brain

http://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.