Sunday, September 25, 2022

Latest Posts

Uber investigates ‘cybersecurity incident’ after reported breach

No indication the hacker did any harm or was interested in more than the public, the engineer says.

Uber Technologies Inc has said it is investigating a cybersecurity incident after its network appeared to have been breached and the transportation provider had to shut down several internal communications and engineering systems.

A hacker compromised an employee’s workplace messaging app Slack and used it to send a message to Uber employees announcing that the company had suffered a data breach, according to a New York Times newspaper report Thursday, in which an Uber spokesman was quoted.

It appeared that the hacker was later able to gain access to other internal systems by posting an explicit photo on an internal employee information page, the report added.

“We are in contact with law enforcement and will post further updates here as they become available,” Uber said in a tweet, without giving further details.

“It seems like they compromised a lot of stuff,” said Sam Curry, an engineer at Yuga Labs who communicated with the hacker. That includes full access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.

Curry said he spoke to several Uber employees, who said they were “working to lock everything down internally” to limit the hacker’s access.

The Slack system was taken offline by Uber after employees received the hacker’s message, the Times report said, citing two employees who were not authorized to speak publicly.

“I announce that I am a hacker and Uber suffered a data breach,” the message read, listing several internal databases that were claimed to have been compromised, it added.

A person claiming responsibility for the hack told the newspaper he sent a text message to an Uber employee claiming to be an IT worker for the company.

The worker was persuaded to provide a password that would allow the hacker to gain access to Uber’s systems, it said.

Slack said in a statement to Reuters the company is investigating the incident and there is no evidence of a vulnerability in its platform. “Uber is a valued customer, and we’re here to help them when they need us,” said Slack, which is part of Salesforce Inc.

According to the report, Uber employees have been instructed not to use Slack. Other internal systems were also inaccessible.

Curry said there was no indication the hacker had done any harm or was interested in more than the public. There was also no evidence that Uber’s vehicle fleet or operations were affected in any way.

“My gut feeling is that it looks like they want to get as much attention as possible,” Curry said.

The hacker alerted Curry and other security researchers to the intrusion by using an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through its bug bounty program, which pays ethical hackers to spot network weaknesses track down.

The hacker provided a Telegram account address, and Curry and other researchers then engaged them in a separate conversation, sharing screenshots of various pages from Uber’s cloud providers to prove they broke in.

The Times said the hacker was 18 and said he broke in because the company had weak security.

The company has been hacked before.

His former security chief, Joseph Sullivan, is currently on trial over allegations that he paid hackers $100,000 to cover up a 2016 high-tech heist that stole the personal information of some 57 million customers and drivers.

Latest Posts

Don't Miss