Uber accidentally uploaded an internal password online and now it's fighting to see who viewed it
GitHub acts as a collaborative repository for users' code and projects. They can upload what they're working on to share their progress, or even work together. But in a serious blunder, an Uber employee uploaded an internal password to the site
With this password, it was possible to access sensitive details on more than 50,000 of Uber's drivers, including names and license plates. This security key was subsequently used for just that - at the end of February, the company announced that an "unauthorized third party" had accessed an Uber database. The intrusion took place back in May 2014, and wasn't discovered until September 2014.
Uber subsequently subpoenaed GitHub, demanding the names of everyone who had accessed the now-deleted post (or "gist") on GitHub containing the password. According to The Register, Uber says the low levels of traffic on the post "should generally reveal people, who were affiliated with Uber and who worked on the Uber code near the time of the unauthorized download."
GitHub has lost its challenge, and now has 30 days to comply with Uber's demands.
- I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
- Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
- Colon cancer rates are rising in young people. If you have two symptoms you should get a colonoscopy, a GI oncologist says.
- FSSAI in process of collecting pan-India samples of Nestle's Cerelac baby cereals: CEO
- Narcissistic top management leads to poor employee retention, shows research
- Audi to hike vehicle prices by up to 2% from June
- Kotak Mahindra Bank shares tank 13%; mcap erodes by ₹37,721 crore post RBI action
- Rupee falls 6 paise to 83.39 against US dollar in early trade