© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Uber suffers data breach after attack on third-party vendor


Uber has suffered a new data breach after a threat actor released employee email addresses, IT asset information, and corporate reports online. All this was stolen from a third-party vendor.

The data that, according to a threat actor named “UberLeaks,” was stolen from Uber and Uber Eats, was leaked on a hacking forum known for publishing data breaches on Saturday morning.

The leaked data includes numerous archives claiming to be source code related to mobile device management platforms (MDM) used by Uber and Uber Eats and third-party vendor services.

Separate topics were created, supposedly for Uber MDM ar uberhub.uberinternal.com and Uber Eats MDM, and the third-party Teqtivity MDM platform.

Uber confirmed its data was stolen in a breach on Teqtivity, which provides asset management and tracking services for the company. The third-party company also soon said it was aware of the cybersecurity incident.

“We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third party. The third-party was able to gain access to our Teqtivity AWS backup server that housed Teqtivity code and data files related to Teqtivity customers,” Teqtivity said in a statement.

The firm added that the data exposed included device information such as serial number, make, models, and technical specs, and user data – first name, last name, work email address, and work location details. The investigation is ongoing, and a third-party forensics firm has been retained.

Each post on a hacking forum refers to a member of the Lapsus$ hacking group. It is believed to be responsible for a number of high-profile attacks, including a September hit on Uber when cybercriminals accessed the internal network and the company’s Slack server.

However, Uber is saying that the Lapsus$ group is not connected to this particular breach. The company has also said it hadn’t seen any malicious access to its systems.

And yet, security researchers say that the leaked data contains enough information to conduct targeted phishing attacks on Uber employees.

Besides, Lior Yaari, Chief Executive and co-founder of Grip Security, an Israeli cybersecurity startup, has noticed that this latest breach highlighted atypical tactics by the threat actor.

“The threat actor started with technographic profiling. Unlike traditional demographic profiling, targeting data types and industries that have it, technographic profiling is not based on industry, company size, tax status, geolocation, or other business-defining attributes. No, companies are now being targeted based on their technology and technology users,” Yaari said.


More from Cybernews:

India’s foreign ministry leaks expat passport details

Companies ignore cybersecurity threats as they plunge into metaverse

Amazon now offers you cash to monitor what ads you see

Lockbit claims California state finance department as victim

China’s new deepfake regulations aim to protect the regime, but at what cost?

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are marked