Uber Hacking Investigation is Targeting a Lyft Exec

There is very little love lost between car-platform rivals Lyft and Uber. Nowhere is that more apparent than in a Reuters article about anonymous sources pointing fingers at Lyft’s technology chief Chris Lambert as the probable cause of an Uber hack. According to the report, after a massive breach of driver information back in February, Uber launched an investigation to determine who got into its system. That led it to court to determine who was behind a Comcast IP address that had accessed the security key the ride-sharing company accidentally left on GitHub. Even though the filing draws no connection to the actual hack (which, according to Reuters sources, was routed through a Scandinavian VPN), the court ruled that the information was “reasonably likely” to help the company find the person (or persons) involved in the breach.

Uber as a company has not identified Lambert. In fact, the Comcast subscriber has remained anonymous throughout the court proceedings. Still, it’s quite a leap to go from an IP address that accessed a publicly available file to outright hacking. The company believes that while there is no direct connection between the mystery Comcast IP and the hack, the identity of the person behind that address could shed some light on the breach. Which isn’t all that far-fetched.

Lance Cottrell, chief scientist of security firm Ntrepid, told Engadget this type of situation is “characteristic of the kind of mistakes people make when conducting an attack.” If the person behind the IP address stumbled onto the key while perusing Uber’s GitHub account, it’s already too late to start hiding who they are. It’s usually not until a bad actor starts an actual attack that they take precautions like using a VPN or public WiFi to hide their identity. Of course, that’s if the anonymous internet user is actually responsible.

Read the rest of the Engadget article