Skip to main content

Uber's 'lost and found' database open for anyone to see

San Francisco-based taxi company Uber is in hot water once again, after exposing internal data on users accounts and phone numbers on its "lost and found" database.

For some reason, the support page on Uber's website showed the whole database for lost and found items. Uber offers the service to users who have lost an item belonging to them, and with the right information Uber will try and track down the item.


The log only showed lost and found items from January to February 2015 and was up for around 5 hours before Vice Motherboard spotted the database in plain view.

Specific journey details were hidden behind a password locked section for Uber drivers only. This is used for drivers to better understand when the item was lost and retrace the journey for any stops.

It is not clear if hackers would be able to utilize the information, the phone numbers might be a concern, but without additional information there is no harmful attack which could be carried out.

This is one of the first times Uber's app and website security has been compromised, but thankfully it was not from an outside source, rather an internal mistake.

Uber has been under fire for various issues around the world, including an Indian taxi driver accused of raping a woman in an Uber taxi; not listening to South Korean traffic legislation with its Uber X and Black cars and an executive offering "one million dollars" to dig up information on journalists smearing the company.

David has been a technology journalist for over six years, covering a wide range of sectors. He currently researches apps, app sectors and app markets for Business of Apps, and has written for ITProPortal, RTInsights, ReadWrite, and Digital Trends.