What just happened? Uber is investigating a cybersecurity incident that resulted in the hacking of several of its internal systems, giving the hacker, who says he is only 18 years old, almost complete access to the company’s network. The breach is believed to be as bad as or worse than the 2016 incident that exposed details of 57 million customers.
The New York Times states that the hacker used a common social engineering technique to gain access to Uber’s systems. He texted an employee of the ride-hailing giant, claiming to be a company IT person. The worker was persuaded to hand over his password, and the attacker gained access to the Uber network.
The hacker provided screenshots of Uber’s internal systems to the New York Times as evidence of his successful attack. He told the publication that he is 18 and has been working on his cybersecurity skills for several years, adding that Uber’s poor security prompted him to hack into its network.
Once inside, the hacker sent a Slack message to employees that read: “I declare that I am a hacker and that Uber has suffered a data breach.” It listed several hacked databases and appears to be inviting Uber drivers to receive higher salaries. Uber shut down its internal Slack and engineering systems earlier today while investigating the breach.
Sam Curry, a security engineer at Yuga Labs who corresponded with the hacker, said the person had full administrative access to Uber’s Amazon Web Services and Google Cloud services. “Looks like they might be this kid who’s got into Uber and doesn’t know what to do with it, and has a lot of time in his life,” said Curry.
In an official statement, Uber wrote: “We are currently responding to a cybersecurity incident. We are in contact with law enforcement and will post additional updates here as they become available.”
Apart from his age, not much is known about the hacker, although it has been speculated that he is British: one employee said he used the word “wankers”, and he may use the username “teapots2022”. He also managed to access Uber’s HackerOne vulnerability bounty account and leave feedback on several report tickets.
From an Uber employee:
Feel free to share but please don’t attribute to me: At Uber, we received an “urgent” email from IT security saying to stop using Slack. Now any time I order a website, I’m taken to a shrunken page with a porn picture and the message “F*** you wankers.”
– Sam Curry (@samwcyo) September 16, 2022
According to Acronis CISO Kevin Reed, the hacker gained access to production systems, the EDR (Endpoint Detection and Response) console, and Uber’s Slack management interface. It’s still unclear how 2FA was bypassed after an Uber employee’s password was stolen, and we still don’t know if customer information was accessed.
The breach is being compared to the 2016 incident, in which the names, email addresses and phone numbers of 50 million Uber customers were stolen, along with the personal details of 7 million drivers. Uber paid the responsible hackers $100,000 to delete the data and keep the incident quiet, and hid the breach for more than a year. The company had to pay $148 million to settle claims over the hack and its failure to disclose what happened.