Categories: Security

Uber Vulnerabilities Leak Rider Details And Journey History

A Portuguese security company has found eight security vulnerabilities in Uber’s cab-hailing platform, some of which could allow hackers to identify individual drivers and download passenger journey history.

Uber opened its public bug bounty programme in March, and during a three-week test, Portugal-based penetration tester Integrity found that its researchers were also able to get free ride vouchers using brute force attacks.

Uber security

The researchers even found a voucher that Uber didn’t know exists: a free ride up to $100 for emergencies.

Bug bounty programmes are becoming increasingly popular in the software industry, and provide companies with the most authentic way of testing the security of their systems. Just this week Google revealed that it had given out almost £400,000 to researchers who found flaws in its Android operating system.

Integrity said that its first pass over Uber only yielded previously reported flaws, but then decided to double back and implement new processes to hunt for bugs.

“In order to implement some kind of methodology, we went back to the Uber bug bounty program to check again [its] scope,” said the researchers.

By this, the researchers meant all of Uber’s software that can be accessed, such as rider apps for iOS and Android, driver apps for iOS and Android, and the various Uber websites such as and

The researchers then DNS brute-forced all of the Uber subdomains that they could find. This method rewarded Integrity with free promo codes for rides, by brute forcing

“Uber has a feature that allows the usage of promotion codes. This codes can be given by other users or companies. The application had this feature in the payment page, so after adding a new promotion code we grabbed the request and realised that the application didn’t had any kind of protection against brute-force attacks, which helped us to find many different promotion codes,” they explained.

“Uber also gives an option to customize promotion codes, and since all the default codes began with the word “uber”, it was possible to drop the time of the brute force considerably allowing us to find more than 1000 valid codes.

“Initially this issue was not considered valid because the promotions codes are supposed to be public and be given by anyone.

This was true until finding an $100 ERH (Emergency Ride Home) code which they (uber-sec team) had no knowledge about. This ERH codes work differently from all others since even if a promotion code is already applied this ones can still be added.”

Help page

Next, the researchers discovered that user email addresses could be gleaned by emailing Uber through the help page request form on the app. Another bug was found when the researchers realised they could access other rider phone numbers when a rider decides to split a fare, a feature that needs another rider’s phone number to work. Unfortunately, this bug had already been discovered.

In total, Integrity found eight new vulnerabilities: the brute force attack to get free promo codes, a way to view a driver’s ride history by bay of their unique driver ID, a way to view the driver’s email address from their driver’s ID, and view trip information from other users. Four other vulnerabilities were found but they are currently not disclosed by Uber yet.

“This was our first bug bounty program that we really dedicated some time, and we think it had a positive outcome,” said Integrity.

“For the people who are starting the bug bounty programs, our advice is: never give up or be afraid if it is a big company, just have fun and try to learn as much as possible along the way and in time the profits will come.

“With this being said, we think that Uber has one of the best bug bounty programs, with great payouts,” it added.

Take our cybersecurity quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

Amazon Mulls $5 Monthly Charge For AI Alexa – Report

“Desperate attempt” to monetise service. AI upgrade of Amazon's Alexa voice assistant will entail a…

13 hours ago

Russian Hackers Of London Hospitals Publish Patient Data

Russian cyber criminal gang Qilin, which caused huge disruption to multiple London hospitals, has now…

14 hours ago

McDonald’s Ends Its AI Drive-Through Assistant Experiment

Test by MacDonald’s to replace human servers with AI-based voice assistants for its drive-through (or…

1 day ago

Anthropic Launches Newest AI Model, Claude 3.5 Sonnet

Just three months after launching its Claude 3 model family, startup Anthropic launches an updated…

2 days ago