The engineer said there was no indication that the hacker had done any damage or cared about anything more than going public.
Uber Technologies Inc said it was investigating a cybersecurity incident after its network was apparently breached and the transportation provider had to shut down some internal communications and engineering systems.
A hacker hacked into employees’ workplace messaging app Slack and used it to send messages to Uber employees informing them that the company had suffered a data breach, according to a new report. New York Times newspaper on Thursday, citing an Uber spokesperson.
It appears that the hacker was then able to gain access to other internal systems, posting a sexually explicit photo on an internal employee information page, the report added.
“We are in contact with law enforcement and will post additional updates here as they become available,” Uber said in a tweet without providing further details.
We are currently responding to a cybersecurity incident. We are in contact with law enforcement and will post additional updates here as they become available.
– Uber Comms (@Uber_Comms) September 16, 2022
‘Lock everything’
“It seems like they compromised a lot of things,” said Sam Curry, a Yuga Labs engineer who communicated with the hacker. That includes full access to cloud environments hosted by Amazon and Google, where Uber stores its source code and customer data, he said.
Curry said he spoke with several Uber employees who said they were “working to lock things down internally” to limit hackers’ access.
The Slack system was taken offline by Uber after employees received messages from the hacker, the Times reported, citing two employees who were not authorized to speak publicly.
“I am reporting that I am a hacker and that Uber has suffered a data breach,” the notice read, and listed several internal databases that are believed to have been compromised, it added.
One person, claiming responsibility for the hack, told the newspaper that he had sent a text message to an Uber employee claiming to be the company’s IT officer.
The worker was persuaded to hand over a password that gave the hacker access to Uber’s system.
Slack said in a statement to Reuters news agency that the company is investigating the incident and there is no evidence of an inherent vulnerability on its platform. Slack, which is owned by Salesforce Inc., said: “Uber is a valuable customer and we are here to help them if they need us.
According to the report, Uber employees have been instructed not to use Slack. Other internal systems are also inaccessible.
No real damage
Curry said there is no indication that the hacker has done any damage or cared about anything more than going public. There’s also no indication that Uber’s fleet or operations have been affected in any way.
“My gut feeling is that it looks like they’re trying to get as much attention as possible,” says Curry.
Hackers alerted Curry and other security researchers to the intrusion by using an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through the program. bug bounty, a program that pays ethical hackers to find network weaknesses.
The hacker provided the account addresses of Telegram and Curry and other researchers then invited them into a private chat, sharing screenshots of various pages from Uber’s cloud providers to prove they broke in.
The Times said the hacker was 18 years old and said they broke in because the company had weak security.
The company has been hacked before.
Its former chief of security Joseph Sullivan is now on trial on charges that he arranged to pay hackers $100,000 to cover up a 2016 high-tech theft in which the personal information of about 57 million customers and drivers were stolen.
