I did not Lyft your data. Honest!
There you all are thinking that UBER is brilliant, fantastic, amazeballs, cheap as chips, in fact “über alles”.
Without ranting about the business model, the undercutting of established and regulated carriage businesses, which would not be appropriate for a security blog, something has drawn our attention this week.
Last year, the records of 50,000 UBER drivers were downloaded and published on GitHub. The UBERLords didn’t notice until September.
Yesterday, two ‘anonymous’ sources told Reuters that one of the IP addresses used to access the data was owned by none other than the CTO of UBER’s rival, Lyft.
Lyft have obviously denied Lyfting the data, and Chris Lambert (Lyft CTO, no relationship to The Highlander) is saying nothing publicly. In his head (fortunately still attached to his shoulders), he must be thinking ‘whoops’ whilst waiting for The Feds to come round.
The timing of the ‘anonymous’ source’s disclosure is quite odd, coming on the day that Lyft announced a lot of big partnerships with Shell for cheap petrol and Hertz, so that Hertz renters could drive for Lyft. Imagine?
What this brings to our attention is the ever increasing value of not just data, but how that data is used and abused. Did you know for instance, that a carriage business, shall we call them Unter (for the lawyers), has released stats about its customer’s extra curricular night time activities and also used its data to track the activity of journalists?
How much do you think the value is of the precise whereabouts of millions of people?
Money used to be power. Now Big Data is power. Identify your crown jewels and protect them appropriately. ITC can help you with this.
The UBER breach came via a VPN in Scandinavia, but if you have one too may beers, get distracted by the The Kurgan, or one of your kids for that matter, you will be caught.
If you would like to discuss anything in this blog, contact us on: 020 7517 3900 or email us at: [email protected].