107100297-1659961017100-gettyimages-1239680427-RAFAPRESS_01042022-3017.jpeg
GENERAL

Uber investigates cybersecurity incident after reviews of a hack – EAST AUTO NEWS

Uber investigates cybersecurity incident after reviews of a hack


Uber stated it’s “at the moment responding to a cybersecurity incident” after reviews {that a} hacker compromised its methods.

Rafael Henrique | Sopa Photographs | Lightrocket | Getty Photographs

Uber on Thursday stated it’s investigating a cybersecurity incident following reviews that the ride-hailing firm had been hacked.

“We’re at the moment responding to a cybersecurity incident,” Uber stated in an announcement on Twitter. “We’re in contact with legislation enforcement and can publish further updates right here as they develop into obtainable.”

A hacker gained management over Uber’s inner methods after compromising the Slack account of an worker, in accordance with the New York Instances, which says it communicated with the attacker instantly. Slack, a office messaging service, is utilized by many tech corporations and startups for on a regular basis communications. Uber has now disabled its Slack, in accordance with a number of reviews.

Shares of Uber declined 4% in premarket buying and selling Friday on information of the hack.

After compromising Uber’s inner Slack in a so-called social engineering assault, the hacker then went on to entry different inner databases, the Instances reported. In a single Slack message, the hacker is alleged to have written: “I announce I’m a hacker and Uber has suffered a knowledge breach.”

A separate report, from the Washington Submit, stated the alleged attacker instructed the newspaper that they had breached Uber for enjoyable and will leak the corporate’s supply code in a matter of months.

Staff initially thought the assault to be a joke and responded to Slack messages from the alleged hacker with emojis and GIFs, the Submit reported, citing two folks aware of the matter.

Screenshots shared on Twitter counsel the hacker additionally managed to take over Uber’s Amazon Net Providers and Google Cloud accounts, and gained entry to inner monetary information.

CNBC was unable to independently confirm the knowledge. Uber declined to remark past its assertion posted on Twitter.

Whereas it isn’t totally clear but how Uber’s methods have been compromised, cybersecurity researchers stated preliminary reviews point out the hacker eschewed subtle hacking strategies in favor of social engineering. That is the place criminals prey on folks’s credulity and inexperience to achieve entry to company accounts and delicate information.

“It is a fairly low-bar to entry assault,” stated Ian McShane, vice chairman of technique at cybersecurity agency Arctic Wolf. “Given the entry they declare to have gained, I am shocked the attacker did not try to ransom or extort, it appears to be like like they did it ‘for the lulz’.”

“It is proof as soon as once more that usually the weakest hyperlink in your safety defenses is the human,” McShane added.

Information of the assault comes as Uber’s former safety chief, Joe Sullivan, is standing trial over a 2016 breach wherein the information of 57 million customers and drivers have been stolen. In 2017, the corporate admitted to concealing the assault and, the next yr, paid $148 million in a settlement with 50 U.S. states and Washington, D.C.

Uber has tried to scrub up its picture within the wake of the exit of Travis Kalanick in 2017, the controversial former CEO who based the corporate in 2009. However scandals and controversies from Kalanick’s tumultuous tenure proceed to hang-out the agency.

In July, The Guardian reported on the leak of 1000’s of paperwork which detailed how Uber pushed into cities world wide, even when it meant breaking native legal guidelines. In a single occasion, former CEO Travis Kalanick stated that “violence ensures success” after being confronted by different executives about issues for the protection of Uber drivers despatched to a protest in France.

In response to The Guardian’s reporting on the time, Uber stated the occasions have been associated to “previous conduct” and “not according to our current values.”

Uber investigates cybersecurity incident after reviews of a hack – EAST AUTO NEWS
Comments

TOP STORIES

To Top
SELECT LANGUAGE »