Uber’s secure transport service, called UberEats, is facing a potential attack on its website that has been blamed on a malicious actor.
The hack, which the company says is only the latest in a string of security breaches at the ride-hailing app, has also left thousands of customers without UberEATS, the company announced Wednesday.
The UberEAT security breach is a threat to Uber’s business, said Uber’s general counsel, Jeff Holden.
UberEates is a separate company from Uber, but it is a similar platform.
Holden said the breach is affecting a “small number of people” but UberEaters customers “will receive an email informing them that their account has been hacked.”
“We are aware of an incident that occurred on UberEater.com today,” the email said.
“We have reached out to UberEaten, and they have taken immediate steps to help secure the site.”
“The security breach appears to be limited to a small number of users, and we are actively working to protect our customers.”
The email also stated that the affected users are “expected to receive an additional email shortly, informing them of their status.”
“Our team is working to investigate this incident, and have offered to reimburse users who were impacted,” the company said in a statement.
Uber also said in the email that the company has begun to contact customers who may have been affected by the breach and is working with local authorities to identify those affected.
The company also said that it has notified UberEate suppliers and will provide refunds for those affected by this breach.
“This is a breach of a trusted and trusted ally, which we are sorry to see happen,” Holden said in an email to The Associated Press.
“However, we have been working hard to ensure that our secure transport platform remains secure, and as always, we will be providing full refunds to our affected customers.”
A separate UberEat breach that affected tens of thousands of people is being investigated, the tech giant said Wednesday.
In the email, Holden said “we are aware that we have received a notification from UberEating and are investigating.”
UberEattens website was hacked earlier this month, causing thousands of users to lose their UberEasts.com account.
The website was not able to return users to their accounts until Monday, according to a statement from Uber.
“The incident we have uncovered is an isolated incident,” Holden wrote.
“Our investigation is ongoing, and it will be appropriate to notify customers as soon as possible.”
Holden also said UberEaton, Uber’s premium delivery service, has been notified.
Holden did not name the affected companies.
He said the UberEATER breach was “very minor.”
A spokesperson for UberEeat said the company is working on getting back to affected users and that the Uber service is back up and running as usual.
Uber is also investigating a similar attack on the Uber app, the spokesman said.
Holden is responsible for overseeing UberEatta, which provides rides for many of the ride services that Uber operates.
The app has a “high-level of security,” said Holden.
“A malicious actor may be trying to gain access to your account, or otherwise gain unauthorized access to information.”
Holden said Uber has been “very careful” about the security of its service, which includes a “secure” password.
Holden added that Uber has a policy that allows the company to delete or limit user accounts, including ones that are used to commit fraud.
“It’s our hope that all Uber customers will be able to get back into their accounts safely,” he said.
Uber’s security breach comes as it has faced criticism over its handling of other cybersecurity breaches, including one that affected the personal data of nearly 50 million users.
Uber has said the attack was a “data breach.”