Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Uber's Private DB Key On Public GitHub Page →

March 04, 2015 by Marc Handelman in All is Information, Blatant Stupidity, Information Security, Governance, GRC, Encryption, Database Security, Data Security, Data Loss Prevention

Meanwhile, in Blatant Stupidity news, ArsTechnica's Dan Goodin writes of the latest Uber mistep. This time, Uber decided to store an encrypted database's PRIVATE KEY (anecdotally, the DB contained sensitive data for at least fifty thousand of the company's drivers) on a GitHub public page. Apparently, there may have been a wee bit of confusion as to what a PRIVATE KEY is, in relation to a PUBLIC KEY within Uber's apaprently crack IT department... Oops.

March 04, 2015 /Marc Handelman
All is Information, Blatant Stupidity, Information Security, Governance, GRC, Encryption, Database Security, Data Security, Data Loss Prevention