In November 2017, Uber, the ride-hailing service provider, disclosed a significant data breach that occurred in late 2016. The breach impacted approximately 57 million Uber users and drivers worldwide, highlighting the importance of robust data protection practices and responsible disclosure.
1. Breach Overview and Response
a. Timeline: The Uber data breach occurred in late 2016 but was disclosed in November 2017.
b. TTPs (MITRE ATT&CK): The specific TTPs utilized in the breach have not been publicly disclosed.
c. CVEs and Vendor Links: No specific CVEs have been associated with the Uber data breach.
2. Fallout and Legal Consequences
Uber faced significant criticism for its handling of the breach. The company chose not to disclose the incident immediately and instead paid the hackers a ransom to delete the stolen data and keep the breach secret. However, new leadership later discovered the breach, terminated the individuals involved, and notified affected individuals and regulatory authorities.
3. IOC Availability
Specific IOC details related to the Uber breach are not available in the public domain.
4. Lessons Learned
The Uber breach underscored the importance of transparency, timely disclosure, and accountability in handling data breaches to maintain user trust. It highlighted the necessity for organizations to prioritize robust data protection practices, responsible disclosure, and proactive cybersecurity measures.
Further Reading:
https://iapp.org/news/a/equifax-agrees-to-pay-1-4b-in-class-action-suit-over-2017-breach/