Uber has reportedly been hit with a new cyberattack as a hacker known as “UberLeak” posted on a renown hacker forum Saturday. The attack includes leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor according to BleepingComputer.
The data leak includes source code associated with mobile device management solutions (MDM) used by Uber and Uber Eats. The ‘UberLeak’ hacker created four different topics on the hacker forum, for each MDM platform deployment it had breached.
Each forum topic post references a member of the Lapsus$ hacking group. Lapsus$ is responsible for many high-profile hacking and breaches against top companies—including Uber. Uber was last breached in September of this year.
Some of the stolen data seen by BleepingComputer includes “email addresses and Windows Active Directory information for over 77,000 Uber employees.”
Uber has confirmed to BleepingComputer that the data is not originally from the September attack, but represents a new breach and attack on a third-party vendor.
“We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter.” – Uber.
BleepingComputer
The data leak does not appear to include any information related to Uber customers at this time, according to security researchers.
However, there is enough detail provided on employees that targeted phishing attacks could very likely become a concern. Further attempts at credential theft or other sensitive information are to be expected after the trove of data newly acquired.
