A latest provide chain assault has resulted in delicate knowledge belonging to Uber drivers being stolen as soon as once more.
The Register picked up on a breach notification despatched to affected drivers by the legislation agency Genova Burns which stated that in late January 2023 it “grew to become conscious” of suspicious exercise in its inner data programs.
After bringing in outdoors forensic and knowledge safety specialists, the corporate decided that an “unauthorized third get together” (no teams or people have been named) accessed its programs between January 23 and 31, 2023. Throughout that point, the menace actor stole knowledge together with Uber drivers’ names, Social Safety Numbers, and in some instances, Tax Identification numbers.
Securing the setting
The best way the notification was formulated means that this isn’t the entire knowledge that was taken, however Genova Burns didn’t talk about it additional.
What it did talk about are its strikes going ahead, together with the same old 12 months of free identification (opens in new tab) monitoring providers, this time by way of Kroll. It additionally stated it “secured the setting” by altering all system passwords, and notifying the police.
“We can be taking extra steps to enhance safety and higher assist defend in opposition to related incidents sooner or later,” Genova Burns added, with out detailing which extra steps these are.
When requested by the publication to remark, Uber despatched an e mail assertion, saying the Genova Burns knowledge was associated to “sure drivers who had accomplished journeys in New Jersey”. The corporate additionally reminded that the legislation agency discovered no proof of the info getting used within the wild, or proof of such an try.
Genova Burns stated it held the info as a consequence of its authorized illustration of Uber Applied sciences.
Uber has suffered its fair proportion of cybersecurity incidents, together with the 2016 knowledge theft fiasco, the 2022 Lapsus$ knowledge theft, and the Teqtivity provide chain assault.
Through: The Register (opens in new tab)
