Uber is investigating a cybersecurity incident after reports of a breach

Uber said it was “currently responding to a cybersecurity incident” after reports that a hacker had breached its systems.


Uber said Thursday it was investigating a cybersecurity incident after reports of a hack of the taxi company.

“We are currently responding to a cybersecurity incident,” Uber said in a statement on Twitter. “We are in contact with law enforcement and will post additional updates here as they become available.”

A hacker took control of Uber’s internal systems after hacking into an employee’s Slack account, according to the New York Times, which says it contacted the attacker directly. Slack, a workplace messaging service, is used by many tech companies and startups for everyday communications. Uber has now disabled Slack, according to multiple reports.

Uber shares fell 4% in premarket trading on Friday after news of the hack.

After hacking Uber’s internal Slack in a so-called social engineering attack, the hacker then moved to access other internal databases, The Times reported. In a Slack message, the hacker is said to have written: “I declare that I am a hacker and that Uber has suffered a data breach.”

A separate report, from the Washington Post, said the alleged attacker told the newspaper he had hacked Uber for fun and could leak the company’s source code within months.

The Post, citing two people familiar with the matter, reported that employees initially thought the attack was a prank and responded to Slack messages from the alleged hacker using emojis and GIFs.

Screenshots shared on Twitter indicate that the hacker also managed to take over Uber’s web services and Google Cloud accounts, and gain access to internal financial data.

CNBC was unable to independently verify the information. Uber declined to comment beyond its statement posted on Twitter.

While it’s not yet entirely clear how Uber’s systems were hacked, cybersecurity researchers said initial reports suggested the hacker avoided sophisticated hacking techniques in favor of social engineering. This is where criminals take advantage of people’s naivety and inexperience to gain access to corporate accounts and sensitive data.

“This is a very low barrier to an entry attack,” said Ian McShane, vice president of strategy at cybersecurity firm Arctic Wolf. “Given the access they claim to have, I’m amazed that the attacker didn’t try to get ransom or extortion, it looks like they did it for lulz.”

“It’s evidence again that the weakest link in your security defences is often the human,” McShane added.

News of the attack comes as Uber’s former chief of security, Joe Sullivan, is on trial over a 2016 breach in which the records of 57 million users and drivers were stolen. In 2017, the company admitted to hiding the attack, and the following year, it paid $148 million in a settlement with 50 US states and Washington, DC.

Uber has tried to clean up its image in the wake of the 2017 exit of Travis Kalanick, the controversial former CEO who founded the company in 2009. But scandals and controversies from Kalanick’s turbulent tenure continue to haunt the company.

In July, the Guardian reported the leak of thousands of documents detailing how Uber penetrated cities around the world, even if it meant violating local laws. In one case, former CEO Travis Kalanick said “violence guarantees success” after other executives confronted him about safety concerns for Uber drivers sent to a protest in France.

In response to The Guardian’s report at the time, Uber said the events were related to “past behavior” and “not in line with our current values”.
