Uber has suffered a security breach what has made a hacker broke into your systemsexecuting an attack that, according to the indications, is considerably worse than the one that the company suffered in 2016. For now, Uber is investigating what happened, and according to the New York Times, they have disconnected their internal communications and engineering systems until find out to what extent the attack has affected them.
The hack does not look good for the company, since everything points to the hacker has gained access to many of Uber’s internal systems. In addition, a person who has claimed responsibility for the attack has sent the newspaper, as well as several cybersecurity researchers, several images of mail control panels, the cloud storage system and various Uber code repositories. Based on these images, the attacker likely has full access to Uber’s systems.
The hacker has also sent a message to Uber employees, which they received this Thursday afternoon, shortly after the company took its systems offline. In the message, he assured them that he was a hacker and that Uber had suffered a security and data breach. In the email, the hacker listed some internal databases that he claimed had been compromised.
This attacker, who points out that carrying out the attack was quite simple, managed to access the Slack account of a company employee. From there, it appears that he gained access to other internal systems, and posted an explicit photo of his wanderings through the systems on an internal information page for employees.
In addition, he sent a text message to an Uber worker claiming to be a corporate information technology person, and convinced him to give him a password that gave the hacker access to even more Uber systems. Even to the source code of it.
Apparently, the hacker, who has provided evidence to the New York Times that he is the one who has accessed the company’s systems, is 18 years old and has been improving his cybersecurity skills for several years. He claims that he has attacked Uber because the company has very weak security. Furthermore, in the Slack message announcing the breach, he also pointed out that Uber drivers would have to be paid more.
Latha Maripuri, Uber Safety Officerhas emailed Uber employees about the attack, telling them that they currently have no estimates of how much the hacker has had access to, or when full access to tools that have been suspended will be restored. now.
It is not the first time that Uber has suffered a hack, as we have mentioned. In 2016, several attackers stole information from 57 million driver and delivery accounts, then contacted the company and demanded a ransom of $100,000 for destroying the information they had obtained. Uber reached an agreement with the attackers and made the payment, but kept the security breach secret for more than a year. This time the attacker himself has worried that they cannot hide what happened.
