Uber has suffered another data breach. This became known over the weekend, when an attacker under the nickname UberLeak began to leak confidential company information stolen from a third-party provider Teqtivity to the dark web.
According to Teqtivity, the company is aware that customer data was compromised as a result of a hack. Attackers managed to gain access to the Teqtivity AWS backup server, where data about companies cooperating with Teqtivity was stored. In the hands of hackers were:
- Device information: serial number, brand, model, specifications;
- Information about the user: first name, last name, work email address, information about the place of work.
In addition, the dump contained archives and source codes related to the MDM platforms used by Uber and Uber Eats, as well as services from third-party service providers. And one of the documents contained the email addresses and WIndows Active Directory information of more than 77,000 Uber employees. It is noted that the leaked data does not contain information about Uber customers and is not part of the September dump.
Attackers operating under the pseudonym "UberLeak" created four topics on the hacker forum dedicated to data theft:
- Uber MDM at uberhub.uberinternal.com;
- Uber Eats MDM;
- Teqtivity MDM;
- Trip Actions MDM.
In each of the topics, a member of the Lapsus$ group was mentioned, who had previously hacked Uber. However, the company denied that the infamous group was behind the hack and made it clear that the attackers were unable to gain access to uberinternal.com.