Uber has suffered another data breach, this time involving the personal data of over 100,000 drivers. The company has not yet released a statement about the attack, but it is likely that it involves a hacker or someone who was able to gain access to Uber’s systems through an exploit. This latest attack comes on the heels of another data breach that affected Uber’s driver data in March. That attack involved the personal information of over 50,000 drivers. It is not clear how this latest attack got into Uber’s systems, but it is possible that someone gained access to them through an exploit or by stealing login credentials from other websites. It is important for companies like Uber to take measures to protect their users’ personal information and ensure that their systems are up to date with the latest security threats. This attack highlights the importance of having effective security measures in place and being able to quickly respond if there are any further breaches.

Someone on a hacking forum going by the name of “UberLeak” published a number of files claimed to be source code from backend platforms for both the Uber and Uber Eats apps. Among the leaked data, we seem to not only have source code, but also internal reports as well as email addresses belonging to over 77,000 Uber employees.

The leaked files don’t appear to contain any user information, so you might not need to rush to change all your passwords right now. It does, however, contain internal code and Uber corporate data, which could be used for phishing attacks on Uber employees (leading to more data breaches) or theoretically for backdoors into other systems.

In a statement to Bleeping Computer, Uber said that “we believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September. Based on our initial review of the information available, the code is not owned by Uber; however, we are continuing to look into this matter.”

So far, it doesn’t look like your account information is in danger, but it’s the second breach suffered by the company within the span of a few months, so you might want to keep your account information as secure as possible.

Source: Bleeping Computer