Uber hit by new data breach — what you need to know


The popular ride-sharing platform Uber has suffered yet another data breach after a cybercriminal began posting sensitive company information stolen from a third-party vendor online.

As reported by BleepingComputer, the cybercriminal made a number of posts on a popular hacking forum under the name ‘UberLeaks’ early on Saturday morning. These posts allegedly contained data stolen from both Uber and Uber Eats.

This leaked data includes a number of archives which UberLeaks claims are source code from mobile device management (MDM) platforms used by both companies as well as third-party vendors. Three separate topics were made for the Uber MDM, Uber Eats MDM and Teqtivity MDM platforms, which are used by Uber.

Surprisingly, each of these topics refers to a member of the infamous Lapsus$ hacking group. Besides being responsible for high-profile attacks on Nvidia, Samsung, Ubisoft and even Microsoft, the group also launched a cyberattack on Uber this September in which it gained access to the company’s internal network as well as its Slack server.

UberLeaks


According to people familiar with the matter who spoke with BleepingComputer, this newly leaked data contains source code, IT asset management reports, data destruction reports, Windows domain login names and email addresses as well as other corporate information.

For instance, one of the documents seen by the news outlet included the email addresses and Windows Active Directory information for more than 77,000 Uber employees. While it initially appeared that this data was stolen during the September attack on Uber, the company provided further insight into the matter in a statement to RestorePrivacy, which broke the story, saying:

“We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter.”

Should you be worried about the latest Uber data breach?

News of a data breach at a large company – especially one you use personally – is normally cause for concern. Was my credit card number leaked? Do I need to change my password? Could my identity be stolen?

In this case though, it looks like only Uber’s internal corporate information was leaked online, so ride-share customers aren’t affected. Uber employees, on the other hand, need to be careful, as security researchers who examined the data told BleepingComputer that there is enough detailed information to carry out targeted phishing attacks against them.

If you’re still worried though, you can always change your Uber password for added peace of mind. At the same time, you might want to consider signing up for one of the best identity theft protection services, as they can help you deal with fraud and get your identity back should it be stolen.

Anthony Spadafora
Senior Editor Security and Networking
