Uber patched a bug in its site recently that could have allowed an attacker to log into some of its sites without a password and further compromise its internal network.
Source: Threadpost