Uber Technologies Inc (NYSE:UBER) Starts Investigation on Breach of Systems Data

Uber Technologies Inc  (NYSE:UBER) plunged around 6.5% or $-11.65 to trade at $174.61  on Friday after it declared that it has started an investigation following a hacker claimed to have breached many of the ride sharing giant’s systems.

Uber has not released any details, but it has stated that it is investigating a cybersecurity problem. According to the firm, police enforcement has been alerted, and developments will be shared on Twitter.

One person has claimed responsibility for the attack. To back up his assertions, he has released screenshots and spoken with members of the cybersecurity community and the media. Some Uber employees appear to have acknowledged that the company’s systems have been compromised.

The hacker, who is 18 years old, told The New York Times that he used SMS phishing to fool an Uber employee into passing up their credentials. He stated that he has been honing his cybersecurity talents for years.

According to researcher Corben Leo, the hacker allegedly got into the company’s VPN and searched its intranet after gaining the employee’s credentials, where he discovered a network share with PowerShell scripts. According to the hacker, one of these scripts had admin account credentials for a privilege access management service, which allowed him to gain “secrets for all services,” including cloud and identity services.

According to Vx-underground, which provides malware samples and other resources, the hacker apparently gained access to AWS instances, an internal tool displaying financial information, a vSphere instance, a Google Workplace account, a cybersecurity product dashboard, and even one of Uber’s accounts on the HackerOne bug bounty platform.

HackerOne has deactivated the Uber software temporarily and is supporting the firm. According to researcher Sam Curry, the hacker responded on every vulnerability report on HackerOne, claiming to have hacked several of the ride-hailing service’s systems. It is possible that the attacker downloaded reports for unpatched and unknown vulnerabilities.

Curry stated that an Uber employee informed him that the attacker obtained access to Slack and that employees were diverted to pornographic information while attempting to visit websites. The hacker began composing messages on Slack informing employees that Uber had been hacked, but several employees mistook it for a prank, even after they were told to cease using Slack.

This is not the first time Uber’s security has been compromised. Two people living in the United States and Canada stole the information of 57 million riders and drivers from the company’s systems in 2016.

The company recently reached a settlement with federal investigators over its efforts to cover up the 2016 breach, but Uber’s then-CSO, Joe Sullivan, is facing a trial for his alleged role in the cover-up, which included paying the attackers $100,000 through its bug bounty program to destroy the stolen data and make the breach appear to have had a smaller impact.

Leave a Reply

Your email address will not be published.