Uber has reportedly been hit with another breach after data such as employee email addresses, corporate reports, and IT asset information were stolen from a third-party vendor, which were then leaked.
The vendor, Teqtivity, which helps manage and track information technology equipment such as phones and computers, on confirmed the cyber-attack.Â
According to reports, more than 77,000 Uber employees’ email addresses and other company data have been exposed in the recent hack. Source codes associated with mobile device management platforms used by Uber and Uber Eats were also leaked.
In a statement, Uber said that the latest incident is not related to the security breach it suffered in September. “Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter,” the company said.
Teqtivity said customer data was compromised due to unauthorised access to its systems by a malicious third party.
The vendor reported that the hacker was was able to gain access to the Teqtivity AWS backup server that houses the company’s code and data files related to its customers.
Furthermore, Teqtivity noted that it doesn’t collect or store sensitive information such as bank account details or government identification numbers. However, the exposed data includes device information such as serial number, make and model as well as user information such as full name, work email address and location.
Teqtivity has notified law enforcement officials and hired a forensics firm to investigate all logs and server configuration.
In October, former Uber security chief Joe Sullivan was found guilty of hiding a massive 2016 data breach from federal regulators.
