Uber blames Lyft CTO for data theft
In February, Uber said that as much as 50,000 of their drivers’ titles and freedom amounts were incorrectly taken, and to discover the business organisation file cabinet a lawsuit in San Francisco federal government court docket created to bare the problem.
The court filing doesn’t mention Lambert at all, but two sources told Reuters that Lambert’s name surfaced when Uber searched for information on the IP address.
It is this IP address that Reuters’ two sources claim, was assigned to the technology chief at Lyft, Chris Lambert.
The court papers draw no direct connection between the Comcast IP address and the hacker. The ruling was despite the fact that the IP address used to launch the attack is likely to be from a VPN.
Lyft spokesperson Brandon McCormick said: “Uber allowed login credentials for their driver database to be publicly accessible on GitHub for months before and after a data breach in May 2014”.
The taxi-booking app maker didn’t notice its database had been slurped until September that year, and subpoenaed GitHub to find out the IP addresses of everyone and anyone who saw the leaked database key on its website. He also declined to describe the scope of Lyft’s internal investigation or say who directed it.
And now Uber’s investigation into the responsible party may have led it to the doorstep of its ride-hailing rival Lyft. In fact the Comcast subscriber has remained anonymous throughout the court proceedings.
Ultimately, the company realized that for a brief period, it had accidentally posted the digital security key to its database on a public GitHub page prior to the breach.
Uber investigators believe they found evidence linking Mr. Lambert to the incident, which goes back to early 2014 and involved several steps, according to the people familiar with the matter. According to a few documents, Uber learned that someone had used a security key months after it happened. One of them revealed that the service is based in a Scandinavian country. Uber attorneys convinced a government judge all things considered to arrange Comcast to discharge the records of a Comcast Internet-administration supporter who Uber cases gives off an impression of being associated with the break.
Comcast has appealed the subpoena, which would command it to turn over the unnamed subscriber’s identity, payment information and information connecting the subscriber to the development page where the key was posted.
However Judge Beeler countered that there is “no evidence” of the key’s availability outside of the context of the inadvertent GitHub post. Lyft is valued at $2.5 billion, compared to Uber’s $51 billion valuation.