UBER internal systems have been breached
Uber’s revelation that hackers accessed the personal information of 57 million riders and drivers over the past year, a breach the company only publicly disclosed on Tuesday, adds new potential legal problems to the already troubled company added.
Uber says it’s investigating a “cybersecurity incident.” ‘ amid reports that the company’s internal systems were breached. The suspected hacker, who claims to be 18, says he has administrative access to company tools, including Amazon Web Services and Google Cloud Platform. Reports that the ridesharing company has taken several internal systems offline, including Slack, while it investigates the violation.
A company officials declined to answer further questions, referring to his statement on Twitter. “We are currently responding to a cybersecurity incident. We are in contact with the authorities and will post further updates here as they become available,” the statement says.
— Colton (@ColtonSeal) September 16, 2022
The alleged hacker’s Slack message was so obvious that many Uber employees initially thought it was a joke. Staff replies to the post included happy emojis like mermaids and popcorn, and the “It’s Happening” GIF.
An anonymous Uber employee told Yuga Labs security engineer Sam Curry that the employees interacted with the hacker and thought he was playing a prank. ‘ read a staff member’s reply, according to The Post.
What actually happened in uber?
Uber CEO Dara Khosrowshahi said two hackers broke into the company in late 2016 and stole personal information, including phone numbers, email addresses and names, from 57 million Uber users. Together, the hackers stole 600,000 driver’s license numbers for the company.
According to Khosrowshahi, the hackers accessed the data through a third-party cloud-based service. found the username and password to access Uber user data stored on an Amazon server.
Jeremiah Grossman, chief security strategist at security firm SentinelOne, says it’s not a fancy trick. Companies often inadvertently store credentials in source code uploaded to GitHub, he said.