Report: DOJ opens criminal investigation of Uber data breach

Reuters says the Department of Justice will investigate whether a Lyft employee was involved in the hack.

Sponsored Links

AFP/Getty Images
AFP/Getty Images

The US Department of Justice is conducting a criminal investigation of a breach that exposed the personal data of 50,000 Uber drivers in May 2014, Reuters reports, citing "sources familiar with the situation." Uber discovered the hack in September 2014 and went public with the news in February. Reuters says the DOJ will investigate whether Chris Lambert, technology chief for rival ride-sharing company Lyft, had anything to do with the breach.

Uber's own investigation found that an IP address assigned to Lambert once accessed a GitHub page containing the security key used in the hack, Reuters reports. Lyft and Lambert's attorney, Miles Ehrlich, deny the technology chief's involvement. Lyft pointed out that Uber's security key was "publicly accessible for months before and after the breach," Reuters writes.

"Given that Uber apparently lost driver data, a law enforcement investigation is to be expected," Ehrlich told the site. "And the benefit is that the culprit here is going to be identified -- and that's going to remove Chris' name from any conversation about Uber's data breach, as it should."

The Department of Justice has yet to confirm whether it's embarking on this particular criminal investigation, Reuters says.

[Image credit: AFP/Getty Images]

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Popular on Engadget