Light Dark
March 31, 2015 By Douglas Bonderud 2 min read

Looking for a nearly free ride? According to The Hacker News, thanks to an alleged Uber security breach, two separate users on the Dark Web marketplace AlphaBay are offering stolen Uber accounts for less than $5. The users, Courvoisier and ThinkingForward, say they have thousands of legitimate, active accounts for sale, while the company itself denies any breach took place. So what’s the real story?

Quite the Trip

This all started just a few weeks ago, when the accounts and a guide for black-market Uber users to avoid getting caught suddenly appeared on AlphaBay. While it’s possible the offerings aren’t real, The Register reports that Courvoisier has sold more than 3,000 accounts in total, while Motherboard notes that satisfied buyers have commented on the “speedy delivery” and say the credentials work perfectly.

What comes with a stolen Uber account? Both the $1 and $5 versions include access to payment details, allowing purchasers to order rides and charge them to original account owners. More worrisome, however, is the access to the other data Uber’s app routinely collects, such as users’ partial credit card data, trip history, email address, phone numbers and home and work addresses, if available.

In other words, this is all the information needed to not only book free rides but potentially make life very difficult for original account owners, many of whom don’t even know they’ve been hacked. Motherboard contacted several account owners after being provided with sample credentials from the AlphaBay sellers and was able to confirm they are genuine.

The Fault in Our Cars

So who is to blame for this Uber security breach? In a prepared statement, the ride sharing company claimed it “found no evidence of a breach.” This is tough to swallow, however, given the recent Uber data breach that put more than 50,000 driver accounts at risk because a private security key was left on a public GitHub page.

While the more recent account issues may not be Uber’s fault, the company’s track record isn’t exactly stellar. One user contacted did admit his Amazon and Uber logins were identical, suggesting cybercriminals may have breached personal security rather than Uber’s corporate defenses, but either way, the outcome is the same. Those willing to shop on the Dark Web can get nearly free Uber trips on the back of legitimate account holders.

No matter who is responsible, users need to change their login information and make sure no extra trips have been taken on their credit cards. On Uber’s end, it’s likely the company won’t be able to ignore this issue, even if its network security is up to snuff. With users and drivers increasingly worried they’re being taken for a ride, Uber needs to find a way to slow cybercriminals’ roll.

 |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from

December 23, 2024

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

November 22, 2024

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

November 21, 2024

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature