Bug allows hackers to bypass Uber’s two-factor authentication ‘expected behavior’
As reported by our sister site ZDNet, Uber has formally acknowledged a bug in its two-factor authentication method, while at the same time saying it didn’t require an immediate solution.
Security researcher Karan Saini, who filed a bug with Uber’s bug bounty program, reached out to ZDNet after the bug was rejected. Uber’s response? It was “informative,” meaning “This report contained useful information but did not warrant an immediate action or a fix.”