Read Time:1 Minute, 56 Second
A teenage hacker reportedly breached the company’s systems, but it is still unclear how much damage was done.
On Thursday evening, the ride-share company Uber served notice that it was addressing “a cybersecurity incident” and would be notifying law enforcement. A person who identifies as an 18-year-old hacker admitted to being behind the attack, sharing details of how they broke into the system with multiple security researchers.
On Thursday night, the attacker allegedly wrote, “Hi @here I announce I am a hacker and that Uber has suffered a data breach,” in a Slack channel for Uber. The hacker’s message also listed several Uber databases and cloud services, which he said he had hacked.
According to reports, the message ended with “uberunderpaisdrives.”
According to The New York Times, which first reported the breach, the firm shut down access to Slack and various internal services on Thursday evening. The company announced a noon update on Friday stating that “internal software tools that we took down as a precaution yesterday are coming back online.”
On Friday, Uber stated that it has “no evidence that the incident involved access to sensitive user data (like trip history),” using language associated with breach notification.
However, screenshots leaked by the attacker show that Uber’s systems may have been severely and entirely compromised. Anything the attacker didn’t access may be because they were limited on time rather than an opportunity.
“It’s disheartening, and Uber is not the only company this approach would work against,” says offensive security engineer Cedric Owens.
The attacker says they first gained access to company systems. They targeted an individual employee and repeatedly sent them multifactor authentication login notifications attacker contacted the same target on WhatsApp, pretending to be an Uber IT person. The false claim was that once they approved their login, MFA notifications would stop being sent.
Although Uber’s stock took a minor hit on Friday morning, it had regained some ground by the time the market closed. The details of what is going on inside the company are still murky. “I think there are lots of opportunities to work on detections and preventions proactively,” says offensive security engineer Owens. However, he notes that it can be tough to prioritise these measures when you have other pressing issues, such as organisational and political challenges.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
