A latest provide chain assault has resulted in delicate information belonging to Uber drivers being stolen as soon as once more. 

The Register picked up on a breach notification despatched to affected drivers by the legislation agency Genova Burns which stated that in late January 2023 it “turned conscious” of suspicious exercise in its inside info techniques. 

After bringing in exterior forensic and information safety specialists, the corporate decided that an “unauthorized third social gathering” (no teams or people had been named) accessed its techniques between January 23 and 31, 2023. Throughout that point, the risk actor stole information together with Uber drivers’ names, Social Safety Numbers, and in some circumstances, Tax Identification numbers.

Securing the atmosphere

The way in which the notification was formulated means that this isn’t the entire information that was taken, however Genova Burns didn’t focus on it additional.

What it did focus on are its strikes going ahead, together with the same old 12 months of free id (opens in new tab) monitoring providers, this time by means of Kroll. It additionally stated it “secured the atmosphere” by altering all system passwords, and notifying the police. 

“We will probably be taking further steps to enhance safety and higher assist defend in opposition to related incidents sooner or later,” Genova Burns added, with out detailing which further steps these are. 

When requested by the publication to remark, Uber despatched an electronic mail assertion, saying the Genova Burns information was associated to “sure drivers who had accomplished journeys in New Jersey”. The corporate additionally reminded that the legislation agency discovered no proof of the information getting used within the wild, or proof of such an try. 

Genova Burns stated it held the information on account of its authorized illustration of Uber Applied sciences.

Uber has suffered its justifiable share of cybersecurity incidents, together with the 2016 information theft fiasco, the 2022 Lapsus$ information theft, and the Teqtivity provide chain assault.

• Take a look at the very best firewalls (opens in new tab) proper now

Through: The Register (opens in new tab)