Security researcher Seif Elsallamy discovered a flaw in Uber’s systems that enables anyone to send emails on behalf of Uber.

Buy Me A Coffee

These emails, sent from Uber’s servers, would appear legitimate to an email provider (because technically they are) and make it past any spam filters.

The researcher who discovered this flaw warns this vulnerability can be abused by threat actors to email 57 million Uber users and drivers whose information was leaked in the 2016 data breach.

READ
Western Sydney University Data Breach Exposed Student Data