{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigj6ajuhhc27f4qkeinvpy7ddyib5ysnmz4yhzyxh5a7do2oqwbfe",
    "uri": "at://did:plc:qr4e2ezyzzrevbuw6v5xz4hs/app.bsky.feed.post/3mm44c2www232"
  },
  "path": "/uber-data-leak/",
  "publishedAt": "2026-05-17T13:06:00.000Z",
  "site": "https://blog.avas.space",
  "textContent": "For the last 2 weeks, I have received 2FA codes for my UberEats account that I did not request roughly every couple days. The account was only created a year ago and used twice, then never again. The email address and password were created specifically for it and are not used elsewhere. No other accounts and services I use are affected. A quick search shows others have been dealing with the same very recently (~3 weeks).\n\nI logged in and tried to start the account deletion process. It ends in a white screen with no confirmation, and you get no “Sad to see you go” email or anything else. If you’re lucky, you’re forcibly logged out and take it as a sign that it worked. That’s a shitty process.\n\nThe info says they deactivate for 30 days and then fully delete, and I had hoped that would stop the 2FA requests, but alas, it did not. They still let you attempt log in and send a code, and I have no idea if that stops the deletion process or resets the 30 days. As I did not want a random person thwarting my account deletion, I once again logged in, changed all personal information and the password, and started the account deletion again (same bullshit).\n\nI have contacted their privacy team to let them know. We’ll see what they say. I also requested them to delete my account in case the deletion process failed.\n\nI haven’t yet seen any notice about this on their website or in the media. 🤷🏻‍♀️\n\nIf you have an Uber/UberEats account, consider changing your password.\n\nReply via email\nPublished  17 May, 2026",
  "title": "i suspect there is a new uber data leak",
  "updatedAt": "2026-05-17T13:12:02.459Z"
}