Uber responding to 'cybersecurity incident' after hack

Source: The Guardian

Dan Milmo and agencies
Fri 16 Sep 2022 07.43 EDT

Uber has been hacked in an attack that appears to have breached the ride-hailing company’s internal systems. The California-based company confirmed it was responding to a “cybersecurity incident”, after the New York Times reported that a hack had accessed the company’s network and forced it to take several internal communications and engineering systems offline.

The hacker claimed to be 18 years old, according to the report. Uber’s service, which operates in more than 10,000 cities around the world, appears to have been unaffected. A hacker compromised the employee workplace messaging app Slack and used it to send a message to Uber employees announcing that it had suffered a data breach. Screenshots appearing to show Uber’s hacked internal systems have appeared on Twitter, but the Guardian has not been able to confirm whether they are genuine.

Alan Woodward, a professor of cybersecurity at Surrey University, said the screenshots indicated “significant network penetration with high-level privileges”. He added: “As the hacker does appear to have such high-level access it’s also going to be difficult for Uber to know they have managed to remove the hacker from the network. It could mean a major rebuild of their systems, which will cause serious disruption.”

It appeared the hacker was able to gain access to other internal company systems, posting an explicit photo on an internal information page for employees, according to the New York Times. “We are in touch with law enforcement and will post additional updates here as they become available,” Uber said in the tweet confirming the attack.

Read more: https://www.theguardian.com/technology/2022/sep/15/uber-computer-network-hack-report