A current provide chain assault has resulted in delicate information belonging to Uber drivers being stolen as soon as once more.
The Register picked up on a breach notification despatched to affected drivers by the regulation agency Genova Burns which stated that in late January 2023 it “turned conscious” of suspicious exercise in its inside info programs.
After bringing in exterior forensic and information safety specialists, the corporate decided that an “unauthorized third get together” (no teams or people have been named) accessed its programs between January 23 and 31, 2023. Throughout that point, the risk actor stole information together with Uber drivers’ names, Social Safety Numbers, and in some instances, Tax Identification numbers.
Securing the setting
The best way the notification was formulated means that this isn’t the entire information that was taken, however Genova Burns didn’t talk about it additional.
What it did talk about are its strikes going ahead, together with the standard 12 months of free id (opens in new tab) monitoring companies, this time by means of Kroll. It additionally stated it “secured the setting” by altering all system passwords, and notifying the police.
“We shall be taking extra steps to enhance safety and higher assist defend towards comparable incidents sooner or later,” Genova Burns added, with out detailing which extra steps these are.
When requested by the publication to remark, Uber despatched an e mail assertion, saying the Genova Burns information was associated to “sure drivers who had accomplished journeys in New Jersey”. The corporate additionally reminded that the regulation agency discovered no proof of the information getting used within the wild, or proof of such an try.
Genova Burns stated it held the information on account of its authorized illustration of Uber Applied sciences.
Uber has suffered its justifiable share of cybersecurity incidents, together with the 2016 information theft fiasco, the 2022 Lapsus$ information theft, and the Teqtivity provide chain assault.
By way of: The Register (opens in new tab)