Uber is researching a 'cybersecurity happening' following the reports of a company hack

Uber is researching a 'cybersecurity happening' following the reports of a company hack

September 19, 2022: -On Thursday, Uber explored cybersecurity after a report that the ride-hailing company had been hacked.

“We are currently responding to a cybersecurity incident,” Uber stated in a statement on Twitter. “We are in contact with law enforcement and will put up additional updates as they become available.”

Slack is a workplace messaging service used by tech companies and startups for regular communications. A hacker gained power over Uber’s internal systems after making a compromise about the Slack account of an employee, says the New York Times, saying it communicated with the attacker directly. Uber has disabled its Slack, according to multiple reports.

Shares of Uber refused 4% in premarket trading on Friday on news of the hack.

After compromising Uber’s internal Slack in a social engineering attack, the hacker then went on to access other internal databases, the Times reported. In one Slack message, the hacker is declared to have written, “I announce I am a hacker and Uber has suffered a data breach.”

A report from the Washington Post said the apparent attacker told the newspaper they had breached Uber for fun and could leak the company’s source code in months.

Employees initially thought the attack to be a joke and responded to Slack messages from the alleged hacker with emojis and GIFs, the Post reported, citing two people familiar with the matter.

Screenshots shared on Twitter suggest the hacker organized to take over Uber’s Amazon Web Services and Google Cloud accounts and gained access to internal financial data.

While it’s not entirely clear how Uber’s systems were compromised, cybersecurity researchers said initial reports indicate the hacker eschewed sophisticated hacking techniques in favor of social engineering. This is where criminals prey on people’s credulity and inexperience to gain entry to corporate accounts and sensitive data.

“This is a pretty low-bar to-entry attack,” said Ian McShane, vice president of strategy at cybersecurity company Arctic Wolf. “Given the access when they are claiming to have gained, I’m surprised the attacker didn’t attempt to ransom or extort. It looks such as they did it ‘for the lulz.'”

“It’s proof once again that often the weakest link in your security defenses is the human,” McShane added.

Posts You Might Like
Summary
Uber is researching a 'cybersecurity happening' following the reports of a company hack
Article Name
Uber is researching a 'cybersecurity happening' following the reports of a company hack
Description
Uber explored cybersecurity after a report that the ride-hailing company had been hacked.“We are currently responding to a cybersecurity...
Author
Publisher Name
The Women Leaders
Publisher Logo