The United States Department of Justice is pursuing a criminal investigation around Uber’s May 2014 data breach, Reuters, citing “sources familiar with the situation,” reported. Last May, Uber’s database was breached by an unknown third party, and revealed the names and license plate numbers of about 50,000 drivers throughout the country.
Uber confirmed the data breach in February of this year, and two Reuters sources have since said that the IP address associated with the security key used in the breach was linked to Lyft Chief Technology Officer Chris Lambert. Though, Uber’s court documents make no direct connection between the IP address used, the data breach and the hacker, Reuters reported in October.
Department of Justice spokesperson Abraham Simmons told Reuters that he could not confirm or deny a criminal probe. Meanwhile, Lambert’s attorney told Reuters that Lambert “had nothing to do” with the breach. Lyft has also previously said that it conducted its own investigation, and concluded that none of its employees had anything to do with the breach.
“We have not been contacted by the DOJ, U.S. Attorney’s office or any other state or federal government agency regarding any investigation,” a Lyft spokesperson told TechCrunch.”Our investigation into this matter was thorough, and there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber’s May 2014 data breach.”
Uber declined to comment for this story.