'[ISN] More Uber Accounts Have Been Hacked, This Time in the United States'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] More Uber Accounts Have Been Hacked, This Time in the United States
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2015-05-04 8:08:46
Message-ID: alpine.DEB.2.02.1505040808350.28187 () infosecnews ! org
[Download RAW message or body]

http://motherboard.vice.com/en_uk/read/more-uber-accounts-have-been-hacked-this-time-in-the-united-states

By Joseph Cox
Motherboard.Vice.com
May 2, 2015

UPDATE: An Uber spokesperson responds, "We do not have any additional 
information to share beyond the statement we provided before: We 
investigated and found no evidence of a breach. Attempting to fraudulently 
access or sell accounts is illegal and we notified the authorities about 
this report. This is a good opportunity to remind people to use strong and 
unique usernames and passwords and to avoid reusing the same credentials 
across multiple sites and services."

Back in March, Motherboard revealed that fully functioning Uber accounts 
were for sale on the dark web for as cheap as $1 each. At the time, it 
appeared that the victims of those hacks were based in the United Kingdom. 
Now, Uber customers from all over the United States have taken to Twitter 
to complain that their account has been charged for trips they never took, 
sometimes half way across the world.

"It was crazy," one apparent victim, Stephanie Crisco from North Carolina, 
told me over Twitter direct message. "I used Uber for the first time 
Thursday night. On Friday morning I received a notification on my phone 
that my driver was en route. I didn't request a driver. I clicked on the 
notification and it said that the ride was cancelled but the pickup was in 
London."

Crisco also tweeted a picture of the trips she claims she didn't make. 
While many of the trips in the screenshot were cancelled, one of them in 
London was indeed successful, and Crisco told me that three charges were 
made against her account in total. Crisco has since cancelled her bank 
card, and Uber have refunded her for the three charges, which range 
between $40 and $120 each.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic