While it’s still unclear who was behind a data breach that ultimately compromised the names and license numbers of nearly 50,000 Uber drivers back in 2014, the company is on a mission to find out.
And now Uber’s investigation into the responsible party may have led it to the doorstep of its ride-hailing rival Lyft.
Two sources familiar with the matter told Reuters that Uber has not only identified a Comcast IP address had access to a security key used in the breach, but that it has now traced the address back to Lyft’s chief technology officer, Chris Lambert, the news outlet reported today (Oct. 8).
[bctt tweet=”Could a Lyft executive really be behind Uber’s data breach last year?”]
In February, Uber revealed its information database was breached on May 13, 2014, by a third-party source, but was not discovered by the company until September 17, 2014.
In a blog post on Uber’s website, the company’s managing counsel of data privacy Katherine Tassi said all impacted drivers were notified but she noted that as of February there were no reports of the information being used for fraudulent purposes.
“To date, we have not received any reports of actual misuse of any information as a result of this incident, but we are notifying impacted drivers and recommend these individuals monitor their credit reports for fraudulent transactions or accounts,” Tassi wrote in the post.
“We have also filed what is referred to as a ‘John Doe’ lawsuit so that we are able to gather information that may lead to confirmation of the identity of the third party.”
[bctt tweet=”Uber is following an IP address trail to reveal who hacked its driver database last year”]
Eight months later, it seems Uber is finally close to getting answers.
Uber’s lawsuit, which was filed in San Francisco federal court, alleges that the cybercriminal behind the data breach acted in violation of the federal Computer Fraud and Abuse Act.
Neither Lyft nor Lambert are names explicitly in the court documents, but U.S. Magistrate Judge Laurel Beeler ruled Uber’s subpoena of Comcast records could lead to information that is “reasonably likely” to help reveal the “bad actor” behind the cyberattack, Reuters confirmed.
On Monday (Oct. 5), Lyft spokesman Brandon McCormick told Reuters the company investigated the matter “long ago” and found “there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber’s May 2014 data breach.”
But Reuters pointed out that McCormick did not comment on whether the suspected IP address actually belongs to Lambert or not. He also chose not to provide any details on what Lyft’s internal investigation entailed and who led it.
To check out what else is HOT in the world of payments, click here.