Home arrow Identity Theft arrow In The News arrow Uber Data Breach Gets Ugly – Accusations of Corporate Espionage Fly
User Login





Lost Password?
No account yet? Register
Guard My Credit Menu
Home
- - - THE ISSUES - - -
Videos
Fraud and Scams
Credit Issues
Identity Theft
Privacy Issues
Our Children
Politics & Politicians
- - ACTION CENTER - -
Guard My Credit Links
Helpful Pamphlets
- - - - - - - - - - - - - - -
About ACCESS
Contact Us
About Our Site
Join the Fight
ACCESS is a non-profit, tax exempt consumer advocacy group.

Donations are tax deductable.

Guard My Credit Hits
11452102 Visitors
Uber Data Breach Gets Ugly – Accusations of Corporate Espionage Fly PDF Print E-mail

October 12, 2015 – It is no understatement to say that there is no love lost between Uber and Lyft; the country’s two largest ride sharing services. Last year it was revealed that Uber had experienced a data breach involving information on the company’s 50,000 drivers. Now there are accusations that the breach was caused by an executive at competing firm Lyft and a judge has ordered that certain internet records on an anonymous individual (suspected to be the aforementioned Lyft executive) maintained by Comcast be turned over to Uber. That order is currently being appealed. Calling the situation ugly is probably an understatement.

Image

In my opinion, the data breach at Uber was caused by carelessness. An employee posted a snippet of computer code on the website GitHub; a site used by computer programmers to share code and find solutions to programming problems. Unfortunately for Uber, the code snipped contained an access key for Uber’s driver database. To make matters worse, the code remained public for months.

Eventually, someone found that access key and used it. Uber, through its own investigation, came to believe that person was Chris Lambert; Lyft’s Chief Technology Officer. It is an accusation that both Lyft and Lambert deny.

To confirm the company’s suspicions, Uber filed a John Doe lawsuit to get Comcast – an ISP that Uber claims is related to the breach – to reveal the identity of a particular subscriber. Uber believes that subscriber is Lambert or someone close to him. And now a judge has issued such an order. That decision is currently being appealed by the unknown John Doe who was presumably notified of the order by Comcast.

Uber has also asked for, and received, a subpoena for GitHub’s records. They want to learn the identities of anyone who visited the page where their access key was publically posted. Just a reminder here that as previously stated, it was an Uber employee who made that information public.

It is likely that this saga will drag on in the courts for some time. It is equally likely that the relationship between these two companies will remain tense. While it is true that if another company used Uber’s information to access computer information without authorization, that company probably violated a variety of federal and state laws against cyber intrusion and should be held accountable. But none of these things will change the fact that this data breach appears to have been a self-inflicted wound by Uber. No amount of legal shenanigans will change that. And nobody should forget it. 

byJim Malmberg

Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.

Follow me on Twitter:

Jim Malmberg has 8112 followers on Twitter
Follow ACCESS
Comments
Search
Only registered users can write comments!

3.25 Copyright (C) 2007 Alain Georgette / Copyright (C) 2006 Frantisek Hliva. All rights reserved."

 
Guard My Credit Polls
Poll #166 - Have you personnally been a victim of Identity Theft
 
#1 - Why did you visit our site today?
 
.•*´¯☼ ♥ ♥ Your Support of These Links Is GREATLY Appreciated ♥ ♥ ☼¯´*•.
Advertisement
 
Go to top of page
Home | Contact Us |About Us | Privacy Policy
eXTReMe Tracker
12/22/2024 11:43:55