Must be Script Kiddies if they are hacking Uber but using their own IP address.
Anyone with even a little internet savvy knows how to track an IP address and how to mask it.
Apparently they used some phishing script on a smartphone to trick the employee(s) into giving them credentials.
More details here:
https://www.zdnet.com/article/how-the-fbi-tracked-down-the-twitter-hackers/