Uber investigating ‘cybersecurity incident’ after breach reported | Cybersecurity Information
No indication the hacker did any injury or was interested by something greater than publicity, says engineer.
Uber Applied sciences Inc has stated it was investigating a cybersecurity incident after its community was apparently breached and the transport supplier needed to shut down a number of inner communications and engineering methods.
A hacker compromised an worker’s office messaging app Slack and used it to ship a message to Uber staff saying the corporate had suffered an information breach, in line with a New York Times newspaper report on Thursday that cited an Uber spokesperson.
It appeared the hacker was later in a position to achieve entry to different inner methods, posting an specific photograph on an inner data web page for workers, the report added.
“We’re in contact with regulation enforcement and can put up extra updates right here as they turn out to be accessible,” Uber stated in a tweet, with out offering additional particulars.
We’re at the moment responding to a cybersecurity incident. We’re in contact with regulation enforcement and can put up extra updates right here as they turn out to be accessible.
— Uber Comms (@Uber_Comms) September 16, 2022
‘Lock down every thing’
“It looks as if they’ve compromised lots of stuff,” stated Sam Curry, an engineer with Yuga Labs who communicated with the hacker. That features full entry to the Amazon and Google-hosted cloud environments the place Uber shops its supply code and buyer information, he stated.
Curry stated he spoke to a number of Uber staff who stated they have been “working to lock down every thing internally” to limit the hacker’s entry.
The Slack system was taken offline by Uber after staff obtained the message from the hacker, in line with the Occasions report, citing two staff who weren’t authorised to talk publicly.
“I announce I’m a hacker and Uber has suffered an information breach,” the message learn, and went on to listing a number of inner databases claimed to be compromised, it added.
An individual, claiming accountability for the hack, instructed the newspaper he had despatched a textual content message to an Uber worker claiming to be a company IT particular person.
The employee was persuaded at hand over a password that allowed the hacker to realize entry to Uber’s methods, it stated.
Slack stated in a press release to the Reuters information company the corporate was investigating the incident and there was no proof of a vulnerability inherent to its platform. “Uber is a valued buyer, and we’re right here to assist them in the event that they want us,” stated Slack, which is owned by Salesforce Inc.
Uber staff have been instructed to not use Slack, in line with the report. Different inner methods, too, have been inaccessible.
No actual injury
Curry stated there was no indication the hacker had carried out any injury or was interested by something greater than publicity. There was additionally no indication that Uber’s fleet of automobiles or its operation was in any method affected.
“My intestine feeling is that it looks as if they’re out to get as a lot consideration as doable,” stated Curry.
The hacker alerted Curry and different safety researchers to the intrusion by utilizing an inner Uber account to touch upon vulnerabilities that they had beforehand recognized on the corporate’s community by way of its bug-bounty programme, which pays moral hackers to ferret out community weaknesses.
The hacker offered a Telegram account tackle and Curry and different researchers then engaged them in a separate dialog, sharing screenshots of assorted pages from Uber’s cloud suppliers to show they broke in.
The Occasions stated the hacker reported being 18 years outdated and stated they broke in as a result of the corporate had weak safety.
The corporate has been hacked earlier than.
Its former head of safety Joseph Sullivan is at the moment on trial on allegations he organized to pay hackers $100,000 to cowl up a 2016 high-tech heist through which the non-public data of about 57 million prospects and drivers was stolen.
