Uber is an American company that develops and operates a mobile application that allows users to provide and employ transporting services for people.
Motherboard reported last week that thousands of active Uber accounts are for sale in black markets located in the dark web.
After investigating the issue, Uber has reported that there was no evidence of a breach in their servers.
We want to remind you that a breach is entirely possible. There are multiple ways to steal credentials, a direct attack to the company servers might be possible, but usually the stolen credentials are the result of an attack to the users using any credential stealer malware, or an slip by the company itself, that exposed unknowingly private resources to the internet.
Its important to detect this kind of leak early on, so the damage caused can be mitigated quickly, because using these credentials, a malicious agent could use them to track the movements of the users, to impersonate them in other services, or to commit fraud, besides from making a profit selling them.
Remember that more often than not, the user is the weakest link in the security chain!
Victor Acin, Threat Intelligence Analyst