Are Uber overlooking a bug that makes its app security vulnerable
![](https://static.wixstatic.com/media/8bb3dd_7b38279447574f8e84eb33c1b17f9ae0~mv2.jpg/v1/fill/w_147,h_98,al_c,q_80,usm_0.66_1.00_0.01,blur_2,enc_auto/8bb3dd_7b38279447574f8e84eb33c1b17f9ae0~mv2.jpg)
The controversial ride-hailing service Uber has chosen to ignore a security glitch that could tempt hackers to access the customer app.
The flaw centres around security called two-factor authentication (2FA) which is used to add a second level of security after username and password. This could include requesting a security code to be sent to the registered users phone for example.
Accroding to ZDNET a spokesperson at Uber said the big "isn't a particularly severe" problem despite many huge online companies investing heavily in the protection. This comes soon after the discovery of a huge 57 million user data hack back in 2016 which Uber failed to make public and instead paid hackers a ransom in an attempt to cover up the breach. However, a security researcher hailing from New Delhi, found the 2FA could be easily bypassed rendering the second level of security pointless.
![](https://static.wixstatic.com/media/8bb3dd_e5085b5b88424d73b3c90b2191fe58a2~mv2.jpg/v1/fill/w_147,h_45,al_c,q_80,usm_0.66_1.00_0.01,blur_2,enc_auto/8bb3dd_e5085b5b88424d73b3c90b2191fe58a2~mv2.jpg)