A data breach of 50,000 driver records at taxi service Uber discovered early this year has been linked to the CTO of rival company Lyft, according to reports.
Two sources “familiar with the matter” told Reuters that a digital encryption key used to access an Uber database could be traced to the Comcast IP address of Lyft’s technology chief, Chris Lambert.
Uber revealed in February that an unidentified actor had hacked into a driver database in May 2014 and taken details of as many as 50,000 individuals and their vehicles.
It then filed a John Doe lawsuit against the unnamed person it believed to be the hacker, as well as a subpoena against GitHub to force it to reveal the IP address of anyone who visited a specific Gist post between March and September 2014.
A copy of the security key in question had been accidentally left on GitHub exposed to the public for three months after a blunder by an Uber employee.
Lyft spokesman Brandon McCormick told the newswire last week that it had investigated the matter “long ago” and concluded “there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber’s May 2014 data breach."
However, he didn’t clarify whether the Comcast IP address in question was Lambert’s or not.
Eric Chiu, president of cloud security firm, HyTrust, claimed insider threats are the number one cause of breaches today – adding that the incident was like “leaving your house key under the doormat for anyone to use.”
“Intellectual property has always been important to companies who deal in physical goods, but for service-based companies, information is the lifeblood of the business,” he added.
“Industrial espionage is an increasing risk for companies and the Uber and Lyft case shows that this isn’t just a nation-state or international issue. Your competitor down the street or across the country might be the attacker trying to steal company information for their competitive advantage.”
Meanwhile, Sam Glines, CEO of Norse, claimed that the attack could represent the emergence of yet another type of threat for CISOs to worry about.
“If the accusations are true, what we’re witnessing is that attacks that have typically been ‘nation-state against nation-state’ are shifting to include ‘enterprise competitor vs enterprise competitor,” he added.