- Several of Uber’s internal systems have been breached by an unauthorized person. The alleged hacker compromised the employee workplace messaging app Slack, Email Dashboard as well as other internal systems.
- Uber has confirmed the breach and informed that it contacted to law authorities for further investigation to understand the extent.
- The threat actor used the social engineering method to breach, which has been performed widely in recent years.
The ride-hailing and food delivery company Uber suffered a systems intrusion resulting in employees being unable to access internal tools such as Slack. The company confirmed the incident and currently it is in touch with law enforcement.
Social engineering technic was used
The unauthorized person appeared to have breached many of Uber’s internal systems. The alleged hacker compromised the employee workplace messaging app Slack to send the company employees declaring that it had a data breach. The alleged message was containing “I announce I am a hacker and Uber has suffered a data breach.”The message also included further several internal databases that the hacker claimed had been compromised. As a response to the incident, Uber has confirmed and informed that law enforcement was contacted.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
According to reports, the hacker messaged an Uber employee posing to be a corporate information technology person. This certain worker was persuaded to provide a password which enabled the threat actor to get into Uber’s systems. This method is called social engineering and has been used many times previously. For example, in 2020, some teenagers used this technic to hack Twitter.
The hacker sent screenshots of internal Uber systems to some newspapers and security research companies to prove his access. Among the images, there were Uber’s vulnerability reports on internal systems, email dashboards, and Slack servers. It is also believed that the threat actor gained Uber’s HackerOne bug bounty program. The program was keeping all of the company’s bug bounty tickets. Currently, Uber’s bug bounty program has been disabled on HackerOne.
This is not the first time Uber’s systems were breached and sensitive data was stolen. In 2016, hackers robbed information from 57 million driver and rider accounts and then demanded ransom from Uber to erase their copy of the data.