Topline
Uber on Thursday said it was investigating a “cybersecurity incident” and has informed law enforcement after an alleged hacker claimed to have breached the company’s internal databases, a development that potentially risks the exposure of critical information, including customer data.
Key Facts
The breach was first revealed in an internal message to Uber employees on the messaging platform Slack, where an unknown account wrote “I am a hacker and uber has suffered a data breach.”
The alleged hacker has shared images of “email, cloud storage and code repositories” with the New York Times and some cybersecurity researchers.
A screenshot of the purported hacker’s message on Slack appears to have initially been seen as a joke, with Uber’s employees reacting with a series of emojis according to a screenshot shared by the online malware database VX-Underground.
According to the Times, Uber employees have been asked to stop using Slack while other internal communication channels also appear to be shut.
Sam Curry, a security engineer at Yuga Labs and one of the people contacted by the alleged hacker, said screenshots appear to show that Uber’s databases hosted on Amazon and Google’s cloud services appear to have been “completely compromised.”
The hacker allegedly gained access to Uber’s internal systems by using a method known as social engineering where they masqueraded as a company IT person and convinced an employee to share their login credentials, the Times report added.
Surprising Fact
As part of the breach, the hacker appears to have gained control of Uber’s HackerOne account that the company uses for its bug bounty program. The program pays security researchers to inform the company about any vulnerabilities in their software or databases.
Source: https://www.forbes.com/sites/siladityaray/2022/09/16/uber-say-its-responding-to-cybersecurity-incident-after-alleged-hack-of-internal-databases/