Global ride-hailing corporation, Uber Technologies, was struck by cyber attack, after an hacker claimed access to sensitive company data.
According to Bloomberg, the ride-hailing service provider has shut down it’s internal Slack messaging as it investigate the cyber security breach.
On Thursday, employees received a Slack message from an unknown person claiming “I am a hacker”, newshound reliable gathered.
The perpetrator co-opted a staff member’s account and claimed to have gained access also to internal databases.
However, New York Times reported that the cyberattacker was an 18-year-old who managed to infiltrate a plethora of internal systems, providing snapshots of emails and code repositories to prove his exploits.
A researcher with Yuga Labs, Sam Curry who claimed to have been in touch with the attacker said, “The perpetrator or perpetrators appeared to have gained access to part of Uber’s Amazon and Google-hosted cloud infrastructure
They also got into the “HackerOne” system, which helps Uber with a so-called bug bounty program that rewards hackers for exposing and reporting vulnerabilities.
“Pretty much everything,” Curry said when asked what got compromised. “They had access to all of HackerOne’s reports.” An Uber representative confirmed a breach had occurred but declined to elaborate.
Confirming the incident, Uber on its verified Twitter handle, wrote, “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”
Leave a Reply