Skip to content

Alert: Uber’s internal systems hacked giving bad actor ‘full access’

Alert: Uber’s internal systems hacked giving bad actor ‘full access’

In this day and age, hacking attacks on major companies are nothing new, with the most recent victim being Uber Technologies, the mobility as a service (MaaS) provider that allows users to hitch a ride, commute, eat, and more.

Specifically, Uber’s platform was hacked on September 15, with the attacker gaining access to the company’s multiple critical internal systems, such as its Windows domain and security software, including vulnerability reports, Bleeping Computer reported on September 16.

Full access to Uber’s systems

In addition, the hacker shared with cybersecurity researchers and The New York Times reporters the screenshots of the platform’s internal systems, email dashboards, cloud storage, and Slack server, showing what seems like complete access to these systems.

According to a report by The New York Times, which first reported on the attack, Yuga Labs’ security engineer Sam Curry, who communicated with the alleged hacker, said that:

“They pretty much have full access to Uber. (…) This is a total compromise, from what it looks like.”

Among other things, the attacker gained access to Uber’s Amazon Web Services (AWS) dashboard, Google Workspace email admin dashboard, VMware ESXi virtual machines, and Slack server, where they wrote messages.

The hacker reaches out

As per The New York Times report, one of the messages was:

“I announce I am a hacker and Uber has suffered a data breach.”

The report also said that the attacker claimed to have sent a text message to an Uber employee pretending to be a corporate IT person, convincing the employee to share a password that allowed the hacker to access the company’s systems.

In addition, the attacker said he was 18 years old and had hacked Uber’s platform because it had poor security, adding that Uber’s drivers should have better salaries.

Uber’s response

Responding to the incident, Uber Communications said on its Twitter (NYSE: TWTR) account that:

“We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”

According to an internal email seen by The New York Times, the company’s chief information security officer Latha Maripuri told employees that the incident was being investigated:

“We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us.”

The cyberattack comes a little over a month after Uber Technologies recorded a surge of over 13% in premarket trading after releasing its earnings report that exceeded the expectations on Wall Street with a 105% year-on-year revenue increase, as Finbold reported.

Best Crypto Exchange for Intermediate Traders and Investors

  • Invest in cryptocurrencies and 3,000+ other assets including stocks and precious metals.

  • 0% commission on stocks - buy in bulk or just a fraction from as little as $10. Other fees apply. For more information, visit etoro.com/trading/fees.

  • Copy top-performing traders in real time, automatically.

  • eToro USA is registered with FINRA for securities trading.

30+ million Users
Securities trading offered by eToro USA Securities, Inc. (“the BD”), member of FINRA and SIPC. Cryptocurrency offered by eToro USA LLC (“the MSB”) (NMLS: 1769299) and is not FDIC or SIPC insured. Investing involves risk, and content is provided for educational purposes only, does not imply a recommendation, and is not a guarantee of future performance. Finbold.com is not an affiliate and may be compensated if you access certain products or services offered by the MSB and/or the BD

Read Next:

Finance Digest

By subscribing you agree with Finbold T&C’s & Privacy Policy

Related posts

Sign Up

or

By submitting my information, I agree to the Privacy Policy and Terms of Service.

Already have an account?

Services

IMPORTANT NOTICE

Finbold is a news and information website. This Site may contain sponsored content, advertisements, and third-party materials, for which Finbold expressly disclaims any liability.

RISK WARNING: Cryptocurrencies are high-risk investments and you should not expect to be protected if something goes wrong. Don’t invest unless you’re prepared to lose all the money you invest. (Click here to learn more about cryptocurrency risks.)

By accessing this Site, you acknowledge that you understand these risks and that Finbold bears no responsibility for any losses, damages, or consequences resulting from your use of the Site or reliance on its content. Click here to learn more.