Uber Discloses Database Breach, Targets GitHub With Subpoena

Posted by Soulskill on Saturday February 28, 2015 @01:30PM from the another-day-another-breach dept.

New submitter SwampApe tips news that Uber has revealed a database breach from 2014. The company says the database contained names and diver's license numbers of their drivers, about 50,000 of which were accessed by an unauthorized third party. As part of their investigation into who was behind the breach, Uber has filed a lawsuit which includes a subpoena request for GitHub. "Uber's security team knows the public IP address used by the database invader, and wants to link that number against the IP addresses and usernames of anyone who looked at the GitHub-hosted gist in question – ID 9556255 – which we note today no longer exists. It's possible the gist contained a leaked login key, or internal source code that contained a key that should not have been made public."

1 of 47 comments (clear)

Min score:

Reason:

Sort:

Re:I'll bet an Uber developer leaked it by bloodhawk · 2015-02-28 14:08 · Score: 1, Troll

hackers constantly trawl github for morons that leave keys in their code. So many organizations have been caught out now, especially ones that host on amazon, that their is simply no excuse for this happening anymore.