Uber cyber security incident: What do we know so far?
On Friday 16th September, Uber admitted to having been targeted by a cyber attack and that they were responding to the incident. The announcement came through the company’s Twitter account where they said that they were in contact with law enforcement and that they would post additional updates as they become available.
The company is yet to reveal more details on the incident but we have still managed to gather some information on the issue.
The good news is the hacker seems to have initiated the attack to expose Uber’s security and attract some attention. Up to this point, there s no indication that Uber’s systems have been affected. Except for a few internal processes that have had to be shut off, all other company operations are functioning seamlessly.
The bad news is that according to messages and screenshots shared by the hacker, the breach on Uber is a major one as the hacker seemingly has access to sensitive data and infrastructure at multiple levels. This may include customers, employees, and drivers' personal data.
“It seems like they’ve compromised a lot of stuff. That includes complete access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data” said Sam Curry, an engineer with Yuga Labs who communicated with the hacker.
How did it happen?
The hacker claims to have used social engineering by impersonating a corporate IT person and consequently tricked one Uber employee into giving him the login credentials that he used to gain access to the Uber network.
After infiltrating their system, the hacker then used the company’s internal communication platform, Slack to notify the company of his conquest. “I announce I am a hacker and Uber has suffered a data breach,” the message read.
He even went on to comment on network vulnerabilities that had been found as part of the Uber bug bounty program.
This is not the first time the company has been hacked. Uber was a victim of a massive data breach in 2016 that saw the data of over 57 million customers and drivers stolen. Their former head of security is being tried on allegations that he tried to pay off the hackers to prevent the news of the breach from coming out.
The hacker is claiming to be 18 years old.