Stolen Uber User Logins Are For Sale On The Dark Web: Only $1 Each
by Robert Hackett, Fortune magazine
Uber login credentials are apparently being sold on the dark web, reports Vice’s Motherboard.
The information is being advertised for sale on the black market AlphaBay, a website that can only be accessed through the Tor browser, an anonymity-preserving network used by political dissidents, privacy-minded Internet users and criminals.
One person using the alias “Courvoisier” claims to have “thousands” of “hacked accounts” for sale, each for as little as $1. Another, “ThinkingForward,” is offering individual account logins for $5 each.
“I will guarantee that they are valid and live ONLY,” ThinkForward wrote on the site. “Discounts on bulk purchases.”
Engaging in a bit of investigative reporting, Motherboard contributor Joseph Cox wrote:
Motherboard received a sample of names and passwords available and verified that at least some of the accounts were active by contacting those users. The data includes names, usernames, passwords, partial credit card data, and telephone numbers for Uber customers.
Those credentials can then easily be applied to retrieve a user’s trip history, discover other information like a user’s street address, or to fraudulently order a ride from the popular car service. It’s not yet clear how the credentials were stolen —whether hacked, leaked, snatched through a compromised third-party (use distinct passwords for your accounts, readers!) or some other means.
Continue reading on Fortune.com
Tags: Data Breach, Privacy, Transportation Network Companies, Uber