Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The transportation giant Uber discloses a Data Breach

The giant Uber announced a data breach that resulted in unauthorized access to the driver partner license numbers of roughly 50,000 of its drivers. Are you a user of the Uber service? There is a bad news for you! Uber also enters the long list of companies who are victims of a data breach. On Friday, […]

uber data breach

The giant Uber announced a data breach that resulted in unauthorized access to the driver partner license numbers of roughly 50,000 of its drivers.

Are you a user of the Uber service? There is a bad news for you! Uber also enters the long list of companies who are victims of a data breach.

On Friday, the Uber firm has announced the incident with an official statement on its website, the note reports that expert of the company had identified a “one-time access of an Uber database” by an unauthorized third party in May 2014. The unauthorized access resulted in the disclosure of user data related to a “small percentage” of Uber driver partners.

“A small percentage of current and former Uber driver partner names and driver’s license numbers were contained in the database,” the statement, posted by Katherine Tassi, Uber’s Managing Counsel of Data Privacy, wrote. “Immediately upon discovery we changed the access protocols for the database, removing the possibility of unauthorized access. We are notifying impacted drivers, but we have not received any reports of actual misuse of information as a result of this incident.”

As part of the incident response procedure the experts of the company notified the data breach to the authorities and they have changed the access protocols for the database, removing the possibility of unauthorized access.

Of course, Uber is notifying impacted drivers, anyway the company declared that has not received any reports of actual misuse of the stolen data.

Uber App Screens

Below the timeline of the data breaches, according to Weber:

  • On September 17, 2014, Uber discovered that one of its databases could potentially have been accessed by a third party.
  • Upon discovery Uber immediately changed the access protocols for the database and started its investigation on the incident.
  • An investigation revealed that a one-time unauthorized access to an Uber database by a third party had occurred on May 13, 2014. The unauthorized access exposed approximately 50,000 drivers across multiple states, according Uber it is a small percentage of current and former Uber driver partners.
  • According to Tassi, Uber has not received any reports of actual misuse of any information as a result of this incident, anyway the company is notifying impacted partner drivers.
  • Uber said it would provide a one year of free credit monitoring service through Experian.
  • Additionally, Tassi said the company has filed what is referred to as a “John Doe” lawsuit in order to help gather information that may help identity the malicious actor(s).

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Uber data breach, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]