Home / Early Warning / Cybersecurity Highlights / Uber cybersecurity incident

Uber cybersecurity incident


Uber has released an official statement, acknowledging that it has been the victim of a cyber-attack due to the compromise of a third-party contractor's account through malware infection of the provider's personal device.

The company, as stated on its website, details that the attacker accessed several internal systems and downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool used to manage some invoices. In addition, he was able to access the company's HackerOne dashboard.

Uber suspects that the attacker may be linked to the hacking group Lapsus$, and notes that they are coordinating with the FBI and the US Department of Justice to investigate the incident.