Security News

A vulnerability in Uber's email system allows just about anyone to send emails on behalf of Uber. The researcher who discovered this flaw warns this vulnerability can be abused by threat actors to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach.

Chinese ride hailing app DiDi Chuxing was on Sunday removed from local app stores on on grounds that it did not comply with data protection laws. In its notice of its actions the CAC wrote: "The DiDi Travel App has serious violations of laws and regulations in collecting and using personal information."

Ride-sharing giant Uber has quietly snapped up veteran security leader Latha Maripuri to be its Chief Information Security Officer. Uber has been without a formal security chief since the departure of John 'Four' Flynn in July 2020.

Conservative backbencher David Davis has vowed to ask questions in Parliament over Uber's seemingly unregulated sharing of data with police and transport regulators as it battled to save its London private hire operator's licence. In November 2019, Uber was formally stripped of its licence after what Transport for London called a "Pattern of failures", including allowing random third parties to upload their mugshots to legitimate Uber driver accounts, bypassing background checks.

A former Uber security executive has been charged for his role in the cover-up of a massive 2016 data breach, in which attackers accessed the company's Amazon Web Services accounts and stole data associated with 57 million passengers and drivers. In October 2016, two hackers gained access to Uber data stored on Amazon Web Services accounts, using Uber software engineer credentials found on GitHub, and stole a database that contained personally identifiable information associated with 57 million Uber users and drivers.

The U.S. Department of Justice announced on Thursday that former Uber Chief Security Officer Joe Sullivan has been charged over his alleged role in the cover-up of the 2016 data breach that resulted in the information of millions of Uber drivers and users getting stolen by hackers. During his time at Uber - he served as the company's CSO between April 2015 and November 2017 - the ride-sharing giant's systems were breached and the attackers managed to steal information belonging to 57 million users and drivers.

As Uber's chief security officer, Joe Sullivan broke the law by hushing up the theft of millions of people's details from the app maker's databases by hackers, prosecutors say. According to the government, the charges [PDF] stem from Sullivan's efforts to cover up the 2016 security breach at Uber in which miscreants siphoned from internal databases the personal information of 57 million passengers and 600,000 drivers, including their driving license details.

As Uber's chief security officer, Joe Sullivan broke the law by hushing up the theft of millions of people's details from the app maker's databases by hackers, prosecutors say. According to the government, the charges [PDF] stem from Sullivan's efforts to cover up the 2016 security breach at Uber in which miscreants siphoned from internal databases the personal information of 57 million passengers and 600,000 drivers, including their driving license details.

The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016. The 2016 Uber's data breach exposed names, email addresses, phone numbers of 57 million Uber riders and drivers, and driver license numbers of around 600,000 drivers.

The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016. The 2016 Uber's data breach exposed names, email addresses, phone numbers of 57 million Uber riders and drivers, and driver license numbers of around 600,000 drivers.