Uber has been in hot water over the last few months for some very unsavory allegations. Among them was that Uber was hacked resulting in the data of 57 million customers being stolen. The company allegedly paid the hacker $100,000 to delete the data. The latest issue stems from a 37-page letter that Ric Jacobs, a former member of the Uber security team, sent to management earlier this year detailing all the shady things the company has done over the years.
Image Source: Wikimedia Commons (Dllu)
Until this week, only portions of the letter, called the Jacobs Letter, had been revealed, but now a redacted copy of the letter is part of the litigation between Uber and Waymo. The letter claims that Uber's Strategic Services Group known as SSG "frequently engaged in fraud and theft, and employed third-party vendors to obtain unauthorized data or information."
The Jacobs letter also accuses Uber security officers of hacking and "destruction of evidence related to eavesdropping against opposition groups." Jacobs claims in his letter that Uber workers went to extreme lengths to hide surveillance activities from authorities. Part of that effort included using computers not purchased by Uber that ran on Mi-Fi devices to prevent the traffic from turning up on Uber networks.
It's also alleged that Uber workers used "non-attributable architecture of contracted Amazon Web Services" to conceal their efforts. As for who Uber was surveilling, Jacobs claims "politicians, regulators, law enforcement, taxi organizations, and labor unions in, at a minimum, the US."
The letter goes on to claim that the Uber Marketplace Analytics team was responsible for "acquiring trade secrets, codebase, and competitive intelligence... from major ridesharing competitors globally."
One of the tactics Uber allegedly used against its competition involved illegitimately scheduling rides. Jacobs described the technique in his letter, "These tactics were employed clandestinely through a distributed architecture of anonymous servers, telecommunications architecture, and non-attributable hardware and software. This setup allows the MA team to make millions of data calls against competitor and government servers without causing a signature that would alert competitors to the theft. For instance, a sophisticated competitor [REDACTED] would set thresholds when they see devices attempting to request rides by the hundreds or thousands in a short period of time. However, if the data calls are diversified across what appear to be multiple devices and a broader time period, filters would not detect the anomaly."Uber says that Jacobs is an extortionist and points to the $4.5 million settlement he received. U.S. District Court Judge William Alsup, who is overseeing the case between Waymo and Uber, called Uber's clams against Jacobs "BS."