On Thursday 15th September, a hacker claiming to be 18 years old found his way into Uber’s computer sharing network. Once inside, the hacker shared obscene images and messages on the organization’s Slack. Things reached a point where the ride-hailing giant had to shut down its systems to prevent any further damage.
Workers at the company, talking about the breach, said that they were unable to even search for things from their own computers. According to an Uber employee, each time he tried requesting a page, he was led to a male pornographic site or met with a message that said “f**k you wankers”.
Soon after the attack was identified, Uber told all its employees not to use their systems. The messages kept coming, however, and soon Uber’s Slack received a message that apparently came from the hacker. It stated: “I announce I am a hacker and Uber has suffered a data breach. Slack has been stolen, confidential data with confluence, stash and 2 monorepos from phabricator have also been stolen, along with secrets from sneakers”. The message was followed by the hashtag #uberunderpaisdrives.
The attack, however, was carried out on Uber’s internal systems, and the company’s fleet of cars and logistical side remained completely unharmed. Even so, it was a dangerous attack that gave the hacker complete control over the company’s information.
“They pretty much have full access to Uber. This is a total compromise, from what it looks like. That includes obtaining complete access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data,” said bug bounty hunter Sam Curry.
A detailed investigation found that the hacker got into the system by sending a fake text to a worker, making it seem as though the hacker was from the IT department, and eventually convinced them to share their password.
After receiving thousands of questions, Uber gave out a statement on its Twitter, saying: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”