Recent times have seen data breaches become a rather common occurrence – and that in itself is alarming given the rising concerns about digital privacy. The latest enterprise to taste the bitter pill of what it calls a “cybersecurity incident” is ride-hailing major Uber, which confirmed that it had suffered a data breach.
The company confirmed in a tweet on Friday, September 16, that it was working with law enforcement authorities and would continue to post updates as they would be available.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
As part of the breach, several of its internal systems – such as its internal communications and engineering systems – were compromised. And according to a report by The New York Times, Uber instructed its employees not to use the company’s internal messaging service, Slack.
The reason? The hacker who is responsible for the data breach compromised the Slack account of an employee and used it to send a message to other employees. The message, which was sent shortly before Slack was taken offline, read “I announce I am a hacker and Uber has suffered a data breach,” and then went on to list several internal databases that they claimed had been compromised.
The alleged hacker claims to be an 18-year-old and that they had stolen confidential data from Confluence, stash and two monorepos from phabricator, along with “secrets from sneakers.” It ended the message with the hashtag #uberunderpaysdrivers.
They also announced that they had worked on their cybersecurity skills for several years, and that they had broken into Uber’s systems because the company had weak security. According to Sam Curry, a security engineer at Yuga Labs, the hacker had administrative access to company tools such as Amazon Web Services and Google Cloud Platform, as well as Uber’s source code, email and other internal systems. If this is not enough, they claimed to have hacked Uber “for fun” and that they might leak source code “in a few months.”
“They pretty much have full access to Uber,” Curry said. “This is a total compromise, from what it looks like.”
In what looked to be a conversation with Corben Leo, a cybersecurity researcher, the hacker claimed that they accessed an internal company VPN and found PowerShell scripts on Uber’s intranet. The same was said to contain access management credentials that allowed them to allegedly breach Uber’s AWS and G Suite accounts.
While the breach created chaos and pandemonium at Uber as all the internal websites showed obscene content – including explicit images and text – what is surprising that many Uber employees took it to be a joke. They even responded to the hacker’s message with emojis and GIFs. Of course, later they learned otherwise.