Uber investigating cybersecurity incident after hacker breaches its internal network

Uber confirmed on Thursday that it’s responding to a cybersecurity incident after reports claimed a hacker had breached its internal network.

The ride-hailing giant discovered the breach on Thursday and has taken several of its internal communications and engineering systems offline while it investigates the incident, according to a report by The New York Times, which broke the news of the breach.

Uber said in a statement given to TechCrunch that it’s investigating a cybersecurity incident and is in contact with law enforcement officials, but declined to answer additional questions.

The sole hacker behind the beach, who claims to be 18 years old, told the NYT that he compromised Uber because the company had weak security. The attacker reportedly used social engineering to compromise an employee’s Slack account, persuading them to hand over a password that allowed them access to Uber’s systems. This has become a popular tactic in recent attacks against well-known companies, including Twilio, Mailchimp, and Okta.

Shortly before the Slack system was taken offline on Thursday afternoon, Uber employees received a message that read, “I announce I am a hacker and Uber has suffered a data breach”, the NYT reports. The hacker also reportedly said that Uber drivers should receive higher pay.

According to Kevin Reed, CISO at cybersecurity company Acronis, the attacker found high privileged credentials on a network file share and used them to access everything, including production systems, Uber’s Slack management interface, and the company’s EDR portal.

“If you had your data in Uber, there’s a high chance so many people have access to it,” Reed said, noting that it’s not yet clear how the attacker bypassed two-factor authentication (2FA) after obtaining the employee’s password.

The attacker is also believed to have gained administrative access to Uber’s cloud services including on Amazon Web Services (AWS) and Google Cloud (GCP), where Uber stores its source code and customer data, as well as the company’s HackerOne bug bounty program.

Sam Curry, a security engineer at Yuga Labs who described the breach as a “complete compromise”, said that the threat actor likely had access to all of the company’s vulnerability reports, which means they may have had access to vulnerabilities that have not been fixed. HackerOne has since disabled the Uber bug bounty program.

In a statement given to TechCrunch, Chris Evans, HackerOne CISO and Chief Hacking Officer said the company “is in close contact with Uber’s security team, have locked their data down, and will continue to assist with their investigation.”

This is not the first time that Uber has been compromised. In 2016, hackers stole information from 57 million driver and rider accounts and then approached Uber and demanded $100,000 to delete their copy of the data. Uber arranged the payment but kept the breach a secret for more than a year.

Credit belongs to : www.techcrunch.com

You May Also Like

Nigerian proptech Spleet gets $2.6M led by MaC VC to scale its property management products

For the average individual living in Lagos — Nigeria’s most populous city, with over 20 million people — apartment hunting is an extreme sport. Not only is rent expensive — low- to middle-income housing can cost between $1,000 and $5,000 yearly — but renters must also pay a year in advance, sometimes even two before […]

Nigerian proptech Spleet gets $2.6M led by MaC VC to scale its property management products by Tage Kene-Okafor originally published on TechCrunch

App Store experienced sharp revenue drop in September, Morgan Stanley says

Apple’s App Store suffered a 5% year-on-year dip in net revenue in September according to a note from Morgan Stanley analyst Erik Woodring. This is the biggest drop in App Store revenue since the financial services company started tracking its data. Woodring said gaming was the biggest reason for the decline as the sector plunged […]

App Store experienced sharp revenue drop in September, Morgan Stanley says by Ivan Mehta originally published on TechCrunch

error: Content is protected !!