As reported by BleepingComputer (opens in new tab), the cybercriminal made a number of posts on a popular hacking forum under the name ‘UberLeaks’ early on Saturday morning. These posts allegedly contained data stolen from both Uber and Uber Eats. This leaked data includes a number archives which UberLeaks claims are source code from mobile device management (MDM) platforms used by both companies as well as third-party vendors. Threeseparate topics were made for Uber MDM, Uber Eats MDM and the Teqtivity MDM platform which are used by Uber. Surprisingly, each of these topics refer to a member of the infamous Lapsus$ hacking group. Besides being responsible for high-profile attacks on Nvidia, Samsung, Ubisoft and even Microsoft, the group also launched a cyberattack on Uber this September where it gained access to the company’s internal network as well as its Slack server.
UberLeaks
According to people familiar with the matter that spoke with BleepingComputer, this newly leaked data contains source code, IT asset management reports, data destruction reports, Windows domain login names and email addresses as well as other corporate information. For instance, one of the documents seen by the news outlet included the email addresses and Windows Active Directory information for more than 77,000 Uber employees. While it initially appeared like this data was stolen during the September attack on Uber, the company provided further insight into the matter in a statement to RestorePrivacy (opens in new tab) who broke the story, saying: “We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter.”
Should you be worried about the latest Uber data breach?
News of a data breach at a large company – especially one you use personally – is normally cause for concern. Was my credit card number leaked? Do I need to change my password? Could my identity be stolen? In this case though, it looks like only Uber’s internal corporate information was leaked online, so ride-share customers aren’t affected. Uber employees on the other hand need to be careful as security researchers who examined the data told BleepingComputer that there is enough detailed information to carry out targeted phishing attacks against them. If you’re still worried though, you can always change your Uber password for added peace of mind. At the same time, you might want to consider signing up for one of the best identity theft protection services as they can help you deal with fraud and getting your identity back should it be stolen.