Although the ride sharing company Uber says that they have not found any evidence of a breach, two vendors are selling passwords and user names on the dark web.

One vendor named "Courvoisier" is selling the names and passwords for $1 each. Another named "ThinkingForward" is charging $5 each.

As Courvoisier writes: "The credentials provided will be a valid login for the Uber website[,] for which you can use to order phones from[,] completely free. (You can find the guide in our store if you're unaware on the how-to)."

131 such logins have been sold since March 18th.

Uber spokeswoman Trina Smith said: "Attempting to fraudulently access or sell accounts is illegal and we notified the authorities about this report. This is a good opportunity to remind people to use strong and unique usernames and passwords and to avoid reusing the same credentials across multiple sites and services."

Motherboard reached out to one of the users and told him his password. His response: "Bloody hell!!"

Source: arstechnica