Uber relies on Teqtivity for IT asset management and tracking. A spokesperson for Uber told multiple news outlets that the company is looking into the incident, but it appears the leaked data came from Teqtivity. News of the breach surfaced after troves of data, purported to belong to Uber and UberEats, were posted on a hacking forum over the weekend. The leaked data includes the personal information of about 77,000 Uber employees, IT asset management reports, and more. Uber suffered a major data breach in September after a threat actor tricked an employee into giving them access to the company’s systems. However, this incident does not appear to be connected to the September breach. “We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September,” Carissa Simons, an Uber spokesperson, said. “Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter.”
Hacker Accessed Teqtivity’s AWS Server Backup
Teqtivity said a malicious actor gained access to its AWS backup server, which contains its code and other files. The incident exposed the personal data of Teqtivity customers, including their first names, last names, work email addresses, work location details, device serial numbers, models, and technical specs. Teqtivity has hired a third-party forensics firm to investigate its logs and server configuration. It has also hired a third-party security team to conduct a vulnerability assessment of its systems. “We sincerely apologize for any inconvenience this may cause and very much regret this situation has occurred. Your confidence in our ability to safeguard your company data and your peace of mind are very important to us,” Teqtivity said in a statement. Teqtivity said it has informed law enforcement about the incident and has put measures in place to prevent this from happening again.
Leaked Uber Employee Data
According to Bleeping Computer, the leaked files contain the email addresses and Windows Active Directory information of more than 77,000 Uber employees. Hackers can use this data to launch social engineering attacks. Given that a hacker used social engineering to breach the company’s systems in September, it’s unclear if Uber has any plans to train its employees on how to avoid falling victim to social engineering schemes. While it is unclear how the malicious actor gained access to Teqtivity’s backup server, unsecured AWS buckets pose a massive cybersecurity threat. AWS buckets can contain a variety of data, including the personal information of employees and customers. VPNOverview’s research team regularly discovers unsecured AWS buckets and notifies companies about the vulnerability. We’ve discovered unsecured AWS buckets of high-profile companies like Sephora, Baby Shark app developer Pinkfong, and My Metal Business Cards.