Now I know that data hacks are pretty common these days… but this is pretty major, mainly because:
- It was huge
- It was covered up
So that’s 57 million customer name, addresses and mobile phone records that were taken. The report mentions how the breach occurred - and that’s because the code for the app was held on a private Github repository that was breached, and that contained Uber’s Amazon AWS login credentials.
I mean - what the fuck. I get GitHub and I get it is used by businesses - but surely you don’t store your production credentials in a repository? Why not use a completely private git server too if you are a multiple billion dollar company, rather than relying on Github?
Then to attempt a cover up? wow.
I only hear bad things about Uber. Surprised they are still going.