Ride-hailing giant Uber Technologies is investigating the breach of a third-party vendor that reportedly resulted in the leak of data from the company, including employee email addresses.
The possible breach came to light after a threat actor known as 'UberLeaks' began leaking data they claimed was stolen from Uber and Uber Eats on a hacking forum.
The leaked data included what is claimed to be source code associated with mobile device management platforms (MDM) used by Uber and Uber Eats and third-party vendor services, IT asset management reports, data destruction reports, Windows domain login names and email addresses, and other corporate information. One of the documents includes email addresses and Windows Active Directory information for over 77,000 Uber employees, BleepingComputer reports.
It appears that the leaked data is related to Uber internal corporate information and doesn’t include customer details.
According to Uber, the leak apparently stems from a data breach at Teqtivity, which helps track and manage information technology equipment.
“We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter,” Uber told BleepingComputer, adding that they found no evidence so far that Uber’s internal systems were breached.
For its part, Teqtivity explained in a data breach notification that a malicious actor has compromised its AWS backup server that stores data for its customers and gained access to device information (serial number, make, models, technical specs) and user information (first name, last name, work email address, work location details).