Uber suffered a data breach Thursday affecting many internal systems. The company did not know it had been breached until the hacker announced himself on an internal Slack account connecting employees. “I announce I am a hacker and Uber has suffered a data breach,” the message said, along with a list of breached tools. Uber shut down many internal tools, including Slack and developer access, but kept the public ride-share and food delivery apps online.
“We have no evidence that the incident involved access to sensitive user data (like trip history),” the company said. “All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational.”
The 18-year-old hacker posted screenshots of internal systems, Uber source code, and email systems on the web. Uber said Monday it believed the hacker group LAPSUS$ was behind the attack. The group is thought to be composed mainly of teenagers.
The attacker used social engineering to gain access to internal systems, convincing an employee that he worked for Uber’s internal IT department. The compromised employee apparently also passed along two-factor authentication credentials. Critics point to the attack as another case in which an attacker bypassed MFA and 2FA. The incident joins a recent string of attacks, including those on Twilio, Cloudflare, Cisco, and LastPass. Security professionals cite these as incentives to move more quickly toward physical security keys that follow FIDO2 compliance guidelines. Read our blog post on the FIDO Alliance and Apple passkey here.
Uber previously suffered a breach that exposed the names, email addresses, and phone numbers of 57 million people in 2016. That breach also exposed the driver’s license information of 600,00 US drivers. Uber kept the breach secret for more than a year.