Uber cybersecurity incident
Uber has released an official statement, acknowledging that it has been the victim of a cyber-attack due to the compromise of a third-party contractor's account through malware infection of the provider's personal device.
The company, as stated on its website, details that the attacker accessed several internal systems and downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool used to manage some invoices. In addition, he was able to access the company's HackerOne dashboard.
Uber suspects that the attacker may be linked to the hacking group Lapsus$, and notes that they are coordinating with the FBI and the US Department of Justice to investigate the incident.
References:
- 15/09/2022 uber.com Security update
- 16/09/2022 businessinsider.es Uber sufre un ataque informático: el atacante reivindica un acceso a redes corporativas, bases de datos e información sensible de la compañía
- 16/09/2022 eldiario.es Un adolescente hackea a Uber y publica sus datos financieros
- 16/09/2022 elconfidencial.com Un joven de 18 años 'hackea' Uber y se cuela en todos sus sistemas internos
- 16/09/2022 genbeta.com Uber ha sufrido otra gran brecha de seguridad: el hacker cuenta que fue pan comido
- 16/09/2022 bleepingcomputer.com Uber hacked, internal systems breached and vulnerability reports stolen