A post on a dark web forum alleges that Uber Eats, the food delivery service by Uber, suffered a data breach in September 2024, leading to the exposure of over 283,000 records. The post was made by a threat actor operating under the alias “@888”.
According to the threat actor, the compromised dataset includes information such as order details and financial transactions. The exposed data reportedly contains fields like “Store Name,” “Order ID,” “Ordering Provider,” “POS Reference,” “Type,” and timestamps related to the placement and fulfillment of orders. Financial data, including “Subtotal,” “Delivery Charge,” “Tax,” “Tip,” and “Total,” was also listed as part of the leak.
The threat actor also included a sample from the alleged leak.