Data from Uber leaked online after a hack of Teqtivity, a service the company uses for asset management and tracking services.
On Saturday, an attacker using the moniker UberLeaks published on a hacking forum stolen archives of what it claims are source codes related to mobile device management (MDM) platforms used by Uber and Uber Eats, as well as third-party providers. Also included in the leak are the company’s IT asset management reports, the Windows domain login names and email addresses of more than 77,000 employees, and other corporate information.
The hacker created four separate themes, allegedly for Uber MDM at uberhub.uberinternal.com and Uber Eats MDM, as well as third-party platforms Teqtivity MDM and TripActions MDM. Each of the posts refers to a member of the hacking group Lapsus$, which is believed to be responsible for a number of high-profile attacks, including the September cyberattack on Uber, when attackers gained access to the company’s internal network and Slack server.
Course
WOMEN IN LEADERSHIP
Learn how to maintain work-life balance from a top executive with experience at NPR, Microsoft, IBM, and Amazon Alexa.
REGISTER!
Uber may have hacked a teenager – employees took his Slack messages as a joke
However, Uber confirmed that the leak was not related to the previous attack and that the data was stolen during a third-party hack:
We believe these files are related to an incident at a third-party vendor and are not related to our September security incident. According to our initial analysis of available information, the code does not belong to Uber; however, we are continuing to study this issue.”
Security researchers who analyzed the leak say it only affected Uber’s internal corporate information, but could be used to launch targeted attacks on employees to obtain more sensitive information.
Uber later said data was stolen in a recent attack on Teqtivity, a service the company uses for asset management and tracking services. The attacker gained access to Teqtivity’s AWS backup server, which allowed him to steal the following information from companies using the platform:
- Information about the device: serial number, brand, model, characteristics;
- User information: first name, last name, work e-mail address, information about the workplace.
Uber said the source code, posted on a hacker forum, was created by Teqtivity to manage the company’s services. Uber also confirmed that the Lapsus$ group had nothing to do with the hack. And while messages on the forum indicate that hackers have hacked uberinternal.com, Uber says that it has not detected third-party access to its systems.
“The investigation of the supplier is still ongoing, but it confirms that the data is coming from its systems, and to date we have not observed any malicious access to Uber’s internal systems,” Uber said.
Earlier, a court in the US sentenced the ex-head of Uber’s security service, Joseph Sullivan, to 8 years in prison – in 2016, he hid a massive leak of these customers by paying hackers $100,000.
A court in the USA sentenced the ex-head of Uber’s security service to 8 years in prison – in 2016, he hid a massive leak of customer data by paying off hackers
Source: BleepingComputer