The transport service provider Uber has been the victim of a hacker attack. The 18-year-old attacker apparently had access to the program code of the Uber applications, internal emails and documents from cloud storage.
Uber has been the victim of a hack attack. According to a report by the New York Times, many of the ride-hailing agent’s internal systems were affected by the cyber attack. The company spoke of a “cyber security incident” on Twitter on Friday. Uber will investigate the incident and have contacted law enforcement.
Ongoing Uber operations unaffected
The “New York Times” relies on material that was leaked to it by the alleged burglar. Among them were screenshots of Uber internal emails and documents from cloud storage. According to the screenshots, the attacker even had access to the program code of the Uber applications. It is not publicly known whether customer data was also stolen. The day-to-day operations of Uber and Uber Eats services were not affected by the incident, it said.
The hacker, who provided the screenshots of internal Uber systems to demonstrate his access, said he is only 18 and has been working on his cybersecurity skills for several years. He wrote that he had penetrated Uber’s systems because the company was weakly protected against cyber attacks.
Employees should stop using Slack
“They (the attackers) have pretty much full access to Uber,” explained Sam Curry, an engineer at security firm Yuga Labs. He had previously corresponded with the person who claimed to be responsible for the burglary. “As it stands, this is a total compromise.”
According to the report, Uber employees were instructed to stop using the company’s internal messaging service Slack. Accordingly, the employees had shortly before received a self-accusation message from the alleged attacker via Slack: “I announce that I am a hacker and that Uber has suffered a data breach”.
Employee reveals account password
The hacker used an employee’s Slack account to send the message for his attack. In order to gain control of this Slack account, the alleged perpetrator sent a text message to an Uber employee posing as the company’s information technology employee. The employee was persuaded to submit a password that allowed the hacker access to other Uber systems.
It wasn’t the first time that Uber has been the victim of a cyber attack. In 2016, hackers stole information from 57 million driver and passenger accounts and then demanded $100,000 to wipe their copy of the data. According to media reports, Uber paid the ransom at the time.
Source: Stern
Jane Stock is a technology author, who has written for 24 Hours World. She writes about the latest in technology news and trends, and is always on the lookout for new and innovative ways to improve his audience’s experience.
