free counter

Uber coping with “cybersecurity incident” after hacker seems to breach system

Uber said Thursday that it reached out to police following a hacker apparently breached its network. A security engineer said the intruder had provided proof obtaining usage of crucial cloud systems at the ride-hailing service.

Uber tweeted Thursday night that it had been “currently giving an answer to a cybersecurity incident. We have been touching police.”

It said it could provide updates on its Uber Comms twitter feed. When reached by CBS News, an Uber spokesperson declined to supply any details.

There is no indication that Uber’s fleet of vehicles or its operation was at all affected.

We have been currently giving an answer to a cybersecurity incident. We have been touching law enforcement and can post additional updates here because they become available.

Uber Comms (@Uber_Comms) September 16, 2022

“It looks like they’ve compromised plenty of stuff,” said Sam Curry, an engineer with Yuga Labs who communicated with the hacker. Which includes obtaining complete usage of the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.

Curry said he spoke to many Uber employees who said these were “attempting to lock down everything internally” to restrict the hacker’s access. That included the business’s Slack internal messaging network, he said.

He said there is no indication that the hacker had done any damage or was thinking about any other thing more than publicity. “My gut feeling is that it looks like they’re out to obtain just as much attention as you possibly can.”

The hacker had alerted Curry along with other security researchers to the intrusion through the use of and an interior Uber account to touch upon vulnerabilities that they had previously identified on the business’s network through its bug-bounty program, which pays ethical hackers to recognize vulnerabilities.

The hacker provided a Telegram account address and Curry along with other researchers then engaged them in another conversation, sharing screenshots of varied pages from Uber’s cloud providers to prove they broke in.

The Associated Press attemptedto contact the hacker at the Telegram account where Curry and another researchers chatted using them. But no-one responded.

One screenshot posted on Twitter and confirmed by researchers shows a speak to the hacker where they state they obtained the credentials of an administrative user and used social engineering to gain access to Uber’s internal network.

In 2016, an enormous cybersecurity breach at Uber saw hackers steal the non-public data of 57 million Uber customers and drivers.

Because of this, Uber was forced to cover $148 million to stay case with all 50 states and the District of Columbia on the breach.

Read More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker