No indication the hacker did any damage or was interested in anything more than publicity, says engineer.
Uber Technologies Inc has said it was investigating a cybersecurity incident after its network was apparently breached and the transport provider had to shut down several internal communications and engineering systems.
A hacker compromised an employee’s workplace messaging app Slack and used it to send a message to Uber employees saying the company had suffered a data breach, according to a New York Times newspaper report on Thursday that cited an Uber spokesperson.
It appeared the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees, the report added.
“We’re in touch with law enforcement and will post additional updates here as they become available,” Uber said in a tweet, without providing further details.
We’re currently responding to a cybersecurity incident. We’re in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
‘Lock down everything’
“It seems like they’ve compromised a lot of stuff,” said Sam Curry, an engineer with Yuga Labs who communicated with the hacker. That includes full access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.
Curry said he spoke to several Uber employees who said they were “working to lock down everything internally” to restrict the hacker’s access.
The Slack system was taken offline by Uber after employees received the message from the hacker, according to the Times report, citing two employees who weren’t authorised to speak publicly.
“I announce I’m a hacker and Uber has suffered a data breach,” the message read, and went on to list several internal databases claimed to be compromised, it added.
A person, claiming responsibility for the hack, told the newspaper he had sent a text message to an Uber worker claiming to be a corporate IT person.
The employee was persuaded to hand over a password that allowed the hacker to gain access to Uber’s systems, it said.
Slack said in a statement to the Reuters news agency the company was investigating the incident and there was no evidence of a vulnerability inherent to its platform. “Uber is a valued customer, and we’re here to help them if they need us,” said Slack, which is owned by Salesforce Inc.
Uber employees were instructed not to use Slack, according to the report. Other internal systems, too, were inaccessible.
No real damage
Curry said there was no indication the hacker had done any damage or was interested in anything more than publicity. There was also no indication that Uber’s fleet of vehicles or its operation was in any way affected.
“My gut feeling is that it seems like they’re out to get as much attention as possible,” said Curry.
The hacker alerted Curry and other security researchers to the intrusion by using an internal Uber account to comment on vulnerabilities they’d previously identified on the company’s network through its bug-bounty programme, which pays ethical hackers to ferret out network weaknesses.
The hacker provided a Telegram account address and Curry and other researchers then engaged them in a separate conversation, sharing screenshots of various pages from Uber’s cloud providers to prove they broke in.
The Times said the hacker reported being 18 years old and said they broke in because the company had weak security.
The company has been hacked before.
Its former head of security Joseph Sullivan is currently on trial on allegations he arranged to pay hackers $100,000 to cover up a 2016 high-tech heist in which the personal information of about 57 million customers and drivers was stolen.