No indication the hacker did any harm or was fascinated with something greater than publicity, says engineer.
Uber Applied sciences Inc has mentioned it was investigating a cybersecurity incident after its community was apparently breached and the transport supplier needed to shut down a number of inside communications and engineering programs.
A hacker compromised an worker’s office messaging app Slack and used it to ship a message to Uber staff asserting the corporate had suffered an information breach, in response to a New York Instances newspaper report on Thursday that cited an Uber spokesperson.
It appeared the hacker was later capable of acquire entry to different inside programs, posting an express picture on an inside data web page for workers, the report added.
“We’re in contact with legislation enforcement and can put up extra updates right here as they develop into obtainable,” Uber mentioned in a tweet, with out offering additional particulars.
We’re at the moment responding to a cybersecurity incident. We’re in contact with legislation enforcement and can put up extra updates right here as they develop into obtainable.
— Uber Comms (@Uber_Comms) September 16, 2022
‘Lock down all the things’
“It looks as if they’ve compromised quite a lot of stuff,” mentioned Sam Curry, an engineer with Yuga Labs who communicated with the hacker. That features full entry to the Amazon and Google-hosted cloud environments the place Uber shops its supply code and buyer knowledge, he mentioned.
Curry mentioned he spoke to a number of Uber staff who mentioned they have been “working to lock down all the things internally” to limit the hacker’s entry.
The Slack system was taken offline by Uber after staff acquired the message from the hacker, in response to the Instances report, citing two staff who weren’t authorised to talk publicly.
“I announce I’m a hacker and Uber has suffered an information breach,” the message learn, and went on to checklist a number of inside databases claimed to be compromised, it added.
An individual, claiming accountability for the hack, advised the newspaper he had despatched a textual content message to an Uber worker claiming to be a company IT particular person.
The employee was persuaded at hand over a password that allowed the hacker to realize entry to Uber’s programs, it mentioned.
Slack mentioned in an announcement to the Reuters information company the corporate was investigating the incident and there was no proof of a vulnerability inherent to its platform. “Uber is a valued buyer, and we’re right here to assist them in the event that they want us,” mentioned Slack, which is owned by Salesforce Inc.
Uber staff have been instructed to not use Slack, in response to the report. Different inside programs, too, have been inaccessible.
No actual harm
Curry mentioned there was no indication the hacker had completed any harm or was fascinated with something greater than publicity. There was additionally no indication that Uber’s fleet of automobiles or its operation was in any manner affected.
“My intestine feeling is that it looks as if they’re out to get as a lot consideration as attainable,” mentioned Curry.
The hacker alerted Curry and different safety researchers to the intrusion by utilizing an inside Uber account to touch upon vulnerabilities they’d beforehand recognized on the corporate’s community via its bug-bounty programme, which pays moral hackers to ferret out community weaknesses.
The hacker offered a Telegram account handle and Curry and different researchers then engaged them in a separate dialog, sharing screenshots of varied pages from Uber’s cloud suppliers to show they broke in.
The Instances mentioned the hacker reported being 18 years previous and mentioned they broke in as a result of the corporate had weak safety.
The corporate has been hacked earlier than.
Its former head of safety Joseph Sullivan is at the moment on trial on allegations he organized to pay hackers $100,000 to cowl up a 2016 high-tech heist through which the private data of about 57 million clients and drivers was stolen.