Uber Suffers From ‘Total Compromise’ System Hack

Uber Suffers From ‘Total Compromise’ System Hack

UPDATE 9/19: Uber suspects that a member of the hacker gang LAPSUS$ is behind the breach.

UPDATE: Uber says it has found “no evidence” that the hacker behind the breach gained access to sensitive user data, such as ride history.

On Friday, the company released the update(Opens in a new window)which notes that all services including Uber, Uber Eats and Uber Freight continue to operate normally, despite the breach.

Original story:

Uber is investigating a breach serious enough to have given a hacker full access to the company’s internal systems.

As New York Times(Opens in a new window) reports, an 18-year-old hacker has claimed responsibility for the hack, providing evidence in the form of internal Uber system screenshots and explaining how he used a social engineering technique to pull it off.

The hacker claims to have sent a text message to an Uber worker posing as a corporate information technology person. The worker fell for the ruse and gave the hacker a password that was then used to access Uber’s systems. It appears that the password gave access to the employee’s Slack account, and then the hacker infiltrated other internal systems from there.

Sam Curry, a security engineer at Yuga Labs, spoke with the hacker and concluded, “They pretty much have full access to Uber … This is a total compromise, from the looks of it.”

By “total compromise”, Curry means that the hacker gained access to Uber’s source code and just about every internal system the company operates, including email. After gaining access to several systems, the hacker sent a Slack message to Uber employees saying, “I announce that I am a hacker and Uber has suffered a data breach,” along with a list of internal databases he accessed to. An explicit image was also posted on an internal information page.

An internal email sent by Latha Maripuri, Uber’s chief information security officer, and set by New York Times said, “We do not have an estimate right now of when full access to tools will be restored, so please bear with us.”

Slack released a statement to Reuters(Opens in a new window) explains that there is no evidence of a vulnerability in the platform, but that “Uber is a valued customer and we are here to help them if they need us.” For now, Uber has taken several of its systems offline as they investigate exactly what happened and law enforcement officials have been contacted.

The news comes years after Uber admitted to covering up a 2016 hack, after which it paid the hackers $100,000 to delete the data and keep quiet. Uber’s former security chief Joe Sullivan is now on trial(Opens in a new window) for criminal obstruction related to that incident.

PCMag logo Readers’ Choice Awards 2021: Antivirus software and security suites

Do you like what you read?

Sign up SecurityWatch newsletter for our best privacy and security stories delivered straight to your inbox.

This newsletter may contain advertising, deals or affiliate links. Subscribing to a newsletter indicates your consent to our terms of use and privacy policy. You can unsubscribe from the newsletters at any time.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *