Masress : U.S. Justice Dept probes data breach at Uber

Egypt expresses condolences to Iraq over fire tragedy Egypt, Oman discuss environmental cooperation Sukari Gold Mine showcases successful public–private partnership: Minister of Petroleum Egypt's Environment Minister attends AMCEN conference in Nairobi At London 'Egypt Day', Finance Minister outlines pro-investment policies Egypt's FRA chief vows to reform business environment to boost investor confidence Egyptian, Belarusian officials discuss drug registration, market access Syria says it will defend its territory after Israeli strikes in Suwayda Pakistan names Qatari royal as brand ambassador after 'Killer Mountain' climb Health Ministry denies claims of meningitis-related deaths among siblings EU–US trade talks enter 'decisive phase', German politician says Sri Lanka's expat remittances up in June '25 Egypt's gold prices grow on July 13th CBE's Abdalla attends Arab central bank governors' meeting ahead of Sept summit Egypt's Health Min. discusses drug localisation with Sandoz Needle-spiking attacks in France prompt government warning, public fear Foreign, housing ministers discuss Egypt's role in African development push Korea Culture Week in Egypt to blend K-Pop with traditional arts Egypt, France FMs review Gaza ceasefire efforts, reconstruction CIB finances Giza Pyramids Sound and Light Show redevelopment with EGP 963m loan Greco-Roman tombs with hieroglyphic inscriptions discovered in Aswan Egypt reveals heritage e-training portal Three ancient rock-cut tombs discovered in Aswan Sisi launches new support initiative for families of war, terrorism victims Egypt's GAH, Spain's Konecta discuss digital health partnership Egypt expands e-ticketing to 110 heritage sites, adds self-service kiosks at Saqqara Egypt's Irrigation Minister urges scientific cooperation to tackle water scarcity Palm Hills Squash Open debuts with 48 international stars, $250,000 prize pool Egypt's Democratic Generation Party Evaluates 84 Candidates Ahead of Parliamentary Vote On Sport to broadcast Pan Arab Golf Championship for Juniors and Ladies in Egypt Golf Festival in Cairo to mark Arab Golf Federation's 50th anniversary Germany among EU's priciest labour markets – official data Cabinet approves establishment of national medical tourism council to boost healthcare sector Egypt's PM follows up on Julius Nyerere dam project in Tanzania Paris Olympic gold '24 medals hit record value A minute of silence for Egyptian sports Russia says it's in sync with US, China, Pakistan on Taliban It's a bit frustrating to draw at home: Real Madrid keeper after Villarreal game Shoukry reviews with Guterres Egypt's efforts to achieve SDGs, promote human rights Sudan says countries must cooperate on vaccines Johnson & Johnson: Second shot boosts antibodies and protection against COVID-19 Egypt to tax bloggers, YouTubers Egypt's FM asserts importance of stability in Libya, holding elections as scheduled We mustn't lose touch: Muller after Bayern win in Bundesliga Egypt records 36 new deaths from Covid-19, highest since mid June Egypt sells $3 bln US-dollar dominated eurobonds Gamal Hanafy's ceramic exhibition at Gezira Arts Centre is a must go Italian Institute Director Davide Scalmani presents activities of the Cairo Institute for ITALIANA.IT platform

Thank you for reporting!

This image will be automatically disabled when it gets reported by several people.

U.S. Justice Dept probes data breach at Uber - Reuters

Amwal Al Ghad Published in Amwal Al Ghad on 19 - 12 - 2015

The U.S. Department of Justice is pursuing a criminal investigation of a May 2014 data breach at ride service Uber [UBER.UL], including an examination of whether any employees at competitor Lyft were involved in the episode, sources familiar with the situation said.
Earlier this year, Uber revealed that as many as 50,000 of its drivers' names and their licence numbers had been improperly downloaded. An investigation by Uber determined that an Internet address potentially associated with the breach can be traced to Lyft's technology chief, Chris Lambert, Reuters reported in October.
Department of Justice spokesman Abraham Simmons said on Wednesday he could not confirm or deny a criminal probe. No one has been accused of any wrongdoing, and it is unclear whether anyone will ultimately be charged in connection with the breach.
A recently hired attorney for Lambert, former federal prosecutor Miles Ehrlich, said Lambert "had nothing to do" with the breach.
"Given that Uber apparently lost driver data, a law enforcement investigation is to be expected," Ehrlich said. "And the benefit is that the culprit here is going to be identified - and that's going to remove Chris' name from any conversation about Uber's data breach, as it should."
In a statement on Friday, Lyft said "we have not been contacted by the DOJ, U.S. Attorney's office or any other state or federal government agency regarding any investigation."
Uber declined to comment. The people familiar with the matter could not be named because they were not authorized to speak publicly.
SEARCH FOR HACKER
Lyft is much smaller than Uber, which operates in more than 300 cities in 67 countries and has raised $7.4 billion from investors. The companies, based in San Francisco, compete fiercely for drivers and customers.
Uber learnt last year that someone downloaded its driver database, which should have been accessible only with a digital security key. A search for that key turned up a copy on the code-development site GitHub, where it had been left by mistake.
Uber then obtained information from GitHub about who had connected to that page before the breach and found only one Internet Protocol address that did not belong to an Uber user or have another plausible explanation, according to court documents.
Uber filed a civil lawsuit in San Francisco federal court in February in an attempt to unmask the perpetrator. The company's court papers claim that an unidentified person using a Comcast IP address had access to the security key.
On its own, Uber investigated that address and determined that it had been assigned to Lambert, Reuters reported in October.
A U.S. judge ruled that Uber could further probe the IP address, saying it was "reasonably likely" that such an inquiry could help identify the hacker. That ruling is on hold pending an appeal.
SWORN STATEMENT
Attorneys for the unnamed Comcast subscriber have pointed out in court that the data breach was conducted from a different IP address than the Comcast address that accessed the security key. Lyft said that Uber allowed the key for the database "to be publicly accessible for months before and after the breach."
The IP address the hacker used is associated with Anonine, a virtual private network service based in Sweden that is known for vigorously protecting the privacy of its users, two people familiar with the situation told Reuters.
Ehrlich said Lambert offered to provide Uber with a sworn statement that he had nothing to do with the breach, made under penalty of perjury.
Lambert signed the statement over the summer, a separate source familiar with the situation said. In it, Lambert also said he was not aware of anyone who has copies of Uber's database, and that he did not instruct anyone to access it, the source said.
However, Lyft and Ehrlich declined to confirm or deny that Lambert's Comcast address connected to the GitHub page containing the key. They also declined to give details about Lyft's internal investigation of the matter.
Lyft reiterated on Friday that it investigated the matter "long ago" and concluded "there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber's May 2014 data breach."
Uber's lawsuit alleges the hacker violated civil provisions of the federal Computer Fraud and Abuse Act, as well as a similar California law. It is unclear if the leaked driver information was ever used by the hacker or anyone else.
Source: Reuters

Clic here to read the story from its source.