Eight months since suffering a major data breach, ride-sharing service Uber is now focusing on an investigation on an IP address that the company says could lead to the culprit.
The IP address, according to two sources that are familiar with the matter, can be traced back to rival Lyft's chief technology officer Chris Lambert.
Earlier in February, Uber said that up to 50,000 of the names and license numbers of the company's drivers were compromised, with a lawsuit filed in the San Francisco federal court to find out who did it.
The court papers state that the culprit with a Comcast IP address had access to a security key that was used in the breach. And according to the sources, the address belonged to Lambert.
The court papers, however, cited no direct relationship between the Comcast IP address and the data breach culprit. The IP address was not even the one from where the hacking attack was initialized. Still, U.S. Magistrate Judge Laurel Beeler ruled the data that Uber is seeking could likely determine the attacker.
Brandon McCormick, the spokesman for Lyft, reiterated recently that the company found no evidence of any of its employees being involved in the data breach.
The documents that Uber filed revealed that the company found out months after the hack was carried out that the attacker used a digital security key to be able to get into the database of drivers. A copy of the said key was supposedly posted by accident by Uber on a public GitHub page, where it was accessible for months.
After the driver database was discovered to have been accessed, the company studies the IP addresses of all the visitors of the page where the security key was posted. According to Uber, the Comcast IP address is the only one remaining which Uber still suspects as that of the culprit.
However, questions remain on how Uber was able to exclude all the other IP address as possible suspects to focus on that one address supposedly belonging to Lambert.