Uber internal system breached

September 16th, 2022 - Written By CyberLabs

Following news that a hacker had gained access to Uber’s network and forced it to shut down various internal communications and engineering systems, the firm stated on Thursday that it is reacting to a cybersecurity incident.

The New York Times who first reported on this breached stated, quoting an Uber representative that a hacker infiltrated an employee’s workplace messaging Slack software and used it to send a message to Uber employees informing them of a data breach.

The report said that it appeared the hacker was able to access more internal business systems and posted an explicit image on a page with information for employees. Uber stated in a tweet without elaborating, “We are in contact with law enforcement and will share additional updates here as they become available”

We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.

— Uber Comms (@Uber_Comms) September 16, 2022

According to the Times article, which was based on two employees who were not authorized to speak to the media, the Slack system was taken offline by Uber on Thursday afternoon after staff members received the message from the hacker. The message began, “I announce I am a hacker and Uber has suffered a data breach,” and went on to name a number of allegedly hacked corporate systems, the report said.

In the photos given by the hacker and obtained by Bleeping Computer, many crucial Uber IT systems, including the business’ Windows domain and security software, appear to have full access. The hacker also gained access to the organization’s Google Workspace email admin panel, VMware ESXi virtual machines, Amazon Web Services interface, and Slack server, where the hacker made posts..

Sam Curry, a security specialist at Yuga Labs, claims that the hacker also had access to the organization’s HackerOne bug bounty program, where they left comments on all of the bug bounty tickets.

Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. pic.twitter.com/00j8V3kcoE

— Sam Curry (@samwcyo) September 16, 2022

Source

• https://www.nytimes.com/2022/09/15/technology/uber-hacking-breach.html
• https://www.theguardian.com/technology/2022/sep/15/uber-computer-network-hack-report
• https://www.bleepingcomputer.com/news/security/uber-hacked-internal-systems-breached-and-vulnerability-reports-stolen/