Uber accidentally uploaded an internal password online and now it's fighting to see who viewed it
GitHub acts as a collaborative repository for users' code and projects. They can upload what they're working on to share their progress, or even work together. But in a serious blunder, an Uber employee uploaded an internal password to the site
With this password, it was possible to access sensitive details on more than 50,000 of Uber's drivers, including names and license plates. This security key was subsequently used for just that - at the end of February, the company announced that an "unauthorized third party" had accessed an Uber database. The intrusion took place back in May 2014, and wasn't discovered until September 2014.
Uber subsequently subpoenaed GitHub, demanding the names of everyone who had accessed the now-deleted post (or "gist") on GitHub containing the password. According to The Register, Uber says the low levels of traffic on the post "should generally reveal people, who were affiliated with Uber and who worked on the Uber code near the time of the unauthorized download."
GitHub has lost its challenge, and now has 30 days to comply with Uber's demands.
- I spent 2 weeks in India. A highlight was visiting a small mountain town so beautiful it didn't seem real.
- I quit McKinsey after 1.5 years. I was making over $200k but my mental health was shattered.
- Some Tesla factory workers realized they were laid off when security scanned their badges and sent them back on shuttles, sources say
- Indian Railways to break record with 9,111 trips to meet travel demand this summer, nearly 3,000 more than 2023
- India's exports to China, UAE, Russia, Singapore rose in 2023-24
- A case for investing in Government securities
- Top places to visit in Auli in 2024
- Sustainable Transportation Alternatives