Uber breached by hackers in cybersecurity incident

SAN FRANCISCO — Uber’s laptop system was compromised and the corporate has alerted authorities, the ride-hailing large mentioned Thursday.

The ride-hailing firm mentioned in a tweet that it was “responding to a cybersecurity incident.”

The hacker appeared in a message posted on Slack, in response to two individuals conversant in the matter, who spoke on situation of anonymity because of the delicate nature of the incident.

“I am asserting that I am a hacker and uber has skilled an information breach,” the message mentioned.

That was adopted by a sequence of response emojis, together with a number of dozen displaying what appeared like a siren image. As a result of hack, the individuals mentioned, some techniques together with Slack and inner instruments have been briefly disabled.

Inner screenshots obtained by The Washington Publish present the hackers claiming to have intensive entry to Uber’s company community and seem to point out the hackers have been motivated by the corporate’s remedy of its drivers. The individual claimed to have taken knowledge from frequent software program utilized by Uber workers to put in writing new packages.

Uber pointed to its tweet assertion when requested for touch upon the matter. The corporate didn’t instantly reply to questions in regards to the extent to which inner data might have been compromised.

Uber waits a yr to report huge buyer knowledge hack

The New York Instances first reported on the incident.

Uber beforehand suffered a breach in 2016 that uncovered the non-public data of 57 million individuals worldwide, together with names, e mail addresses and telephone numbers. It additionally contains driver’s license data from about 600,000 US drivers. Two individuals accessed the data via a “third occasion cloud-based service” that Uber was utilizing on the time.

Uber, based mostly in San Francisco, employs hundreds of individuals all over the world who might have been affected by the system hack. The corporate has additionally come beneath hearth for its remedy of drivers, whom it has struggled to retain as contractors.

The hacker posted as Uber on the chat perform on HackerOne, which ran interference between researchers reporting safety vulnerabilities and corporations affected by it. Uber and different corporations use the service to handle studies of safety flaws of their packages and to reward researchers who discover them.

Within the chat, seen by The Publish, the alleged hacker claimed entry to an Amazon Uber Internet Service account.

What to do when you get hacked

AWS didn’t instantly reply to a request for remark. (Amazon founder Jeff Bezos owns The Publish.)

In a subsequent interview on the messaging app, the alleged hackers informed The Publish that that they had breached the corporate for enjoyable and would possibly leak the supply code “inside a couple of months.”

The individual described Uber’s security as “horrible.”

Peiter “Mudge” Zatko’s journey from hacker to Twitter whistleblower

Uber workers have been stunned by the sudden disruption to their workday, and a few initially reacted to the alarming message as if it have been a joke, in response to the screenshot.

The hacker’s ominous publish was met with a backlash that appeared to painting SpongeBob’s character Mr. Krabs, the favored “It is Occurring” GIF and the query of whether or not the state of affairs is a joke.

“Sorry to be a stick within the mud, however I believe IT would recognize much less memes as they take care of breaches,” mentioned one message seen by The Publish.

About the author


Leave a Comment