Announcements > News Articles

Uber - 57 million hacked, ransom paid, covered up

(1/17) > >>

sevenlayermuddle:
https://www.theverge.com/2017/11/21/16687796/uber-cyberattack-data-breach-exposed-users-57-million

kitz:
Wow!

Security is really becoming a major issue.   :'(
Over the past few years theres an awful lot of extremely large databases which have been breached.   Some of these companies are organisations who are supposed to have full time IT teams looking after this data.

In view of the fact that this year alone there's only just been disclosure as to the full extent of the likes of Yahoo mail (BT/Sky) and Experion breaches makes you wonder how many more we havent heard of yet.  To their credit whilst the TT breach was bad, at least they did come clean fairly soon and admit that there had been a loss of data. 

The fact that Uber covered it up and paid the ransom is why hackers continue to do what they do :(

d2d4j:
Hi

I hope you don’t mind, as I do not want to take this off topic sorry

I think there will be more disclosures still to come

If you think back to the big outage of dns/ssl about a year ago or so, I thought then it was a measured attack to gain access to systems. It was never reported fully why the dns attack took place

Also, I think most companies who have their own it department(s), most do not look after fully their company it. It is mostly outsourced to third parties. We ourselves, look after some top 10 companies hosting needs, and not their it departments

I do believe the web developers have to take some responsibility for breaches. I used to be amazed when seeing a website not closing sessions but not now. There’s more but no time and wrong thread sorry

Divergence, weak passwords, poor routing/firewall control, employees and/or ex employees etc.... all are well known for data breaches. Never mind that their computers maybe infected (inc root kit).

Lastly, I have a file from around 10 years ago, a single file from a breached server, which this 1 very small file, gave full admin/root access to the whole server, and so easy to upload (does not need activating or installing), it just needs to be on a web hosting root level

This is just my thoughts though, so apologies if I’m wrong or posted wrongly. Please feel free to delete

Many thanks

John

broadstairs:
Getting back to Uber this seems to me to be another very valid reason why we should not roll over and allow Uber to operate in the UK. The company obviously cannot be trusted.

Stuart

sevenlayermuddle:

--- Quote from: broadstairs on November 22, 2017, 08:13:37 AM ---Getting back to Uber this seems to me to be another very valid reason why we should not roll over and allow Uber to operate in the UK. The company obviously cannot be trusted.

Stuart

--- End quote ---

I’d like to think that TFL would be allowed to take things like this into consideration, in judging whether Uber are fit & proper.   

But I’m willing to bet Uber will produce clever arguments (or maybe daft arguments) that portray themselves as now whiter than white, and concoct obstacles to TFL’s process, maybe arguing “the servers were not located in London”,  or “We have mended our ways”.   >:(

Navigation

[0] Message Index

[#] Next page