Uber experienced yet another prominent data breach that exposed private employee and business information. This time, attackers gained access to the company through a Tequivity cloud server that was used by Amazon Web Services (AWS), which gives Uber asset management and tracking services.
The incident was initially reported by the New York Times.
The hacker known as “UberLeak” is unoriginal. “Hacked by autistic fisherman Arion and conned all LAPSUS$ members,” reads a post on BreachForums. Although Lapsus$ is a notorious hacker gang, there is no further evidence of a connection to the group outside the forum post.
Numerous files that purport to be source code for the mobile device management platforms used by Uber, the company’s food delivery service Uber Eats, and third-party vendor services are among the data that have been exposed. In contrast to internal code and corporate data, no information on an Uber user was discovered in the stolen data. The stolen information did, however, contain 77,000 Uber employees’ personal information.
AWS Server from Tequivity Breached by Hacker
According to Tequivity’s announcement, “customer data was compromised” as a result of “unauthorized access” to the business’s systems by “a malicious third party.” The company’s AWS backup server, which holds code and data files pertaining to Teqtivity clients, was specifically compromised by attackers, the company said.
According to the statement, Teqtivity has informed the customers who may have been impacted and is now looking into the situation and trying to limit it. It’s not clear if the security vulnerability impacts businesses besides Uber.
Ongoing Security Issues With Uber
Uber previously experienced a breach in 2016 that exposed the names, email addresses, and phone numbers of 57 million people worldwide. Approximately 600,000 American drivers’ license information was also provided. Two people had access to the data through “a third-party cloud-based service” that Uber had at the time.
Experts Insight On Latest Uber Breach
Information security and industry leaders reacted on this breach in our comment section below and highlight the growing security threat of third-party vendors, and how organizations can protect newly vulnerable information obtained by threat actors.