22 September 2022
Several engineering and internal communications systems at Uber have just been hacked and compromised. The ride-hailing giant has reported that they are looking into matters and investigating the breach.
The news of the hack was leaked by the hacker themselves when they sent pictures of Uber's code, cloud storage, and email repositories to a top news publication.
The employees at Uber were instructed to stop using Slack, a popular messaging and communications app for workplace collaboration. Just before Uber took down their Slack system, Uber’s staff received a Slack message that stated, "I announce I am a hacker, and Uber has suffered a data breach."
However, things did not end there. It turns out that the hacker was able to breach other internal communications systems as well. They later posted an explicit photograph of the staff on Uber's internal information page.
The ride-hailing company has recently stated that they have informed authorities and are working to investigate the breach. Currently, there are no indications that Uber's sensitive data, such as customer data, payment information, or fleet data, have been compromised or affected by the breach.
Like many tech companies and large businesses, Uber is subscribed to a bug bounty platform. They pay "bounty hunters" or ethical hackers on these platforms to find bugs and weak spots in their systems. In the case of Uber, they are subscribed to a California-based bug bounty platform called HackerOne.
One of the ethical hackers at HackerOne actually communicated with the hacker from Uber.
According to them, it appears that the Uber hacker was able to compromise plenty of internal systems. They also stated that several people from Uber's staff have mentioned that the company is locking things down internally to limit the hacker's access as much as possible.
However, there are no signs that the Uber hacker has caused any damage to internal systems, and it is likely that they only breached Uber's systems for publicity.
The chief hacking officer at HackerOne, Chris Evans (not the actor), stated that they have locked down Uber's data, are in touch with the security panel at Uber, and will provide continued assistance to the ride-hailing company for their investigation.
There is limited information on the Uber hacker's identity. However, they did mention that Uber drivers should get higher pay in the same Slack message that announced the hack to Uber's staff.
Moreover, the publication that the Uber hacker chose to leak the news to has reported that the culprit is an 18-year-old. They said that the teenager had been sharpening their hacking skills for many years and decided to breach Uber's internal systems simply because "they had weak security."
On the other hand, another popular news publication says that they have seen messages from an anonymous person who claims to have control of various Uber admin accounts.
In the cyber security industry, it is widely known that human error is the cause of a vast majority of breaches, and there is immense data to support this. The current Uber hack seems like another example of human error resulting in a breach that compromised multiple internal systems.
Sadly, someone within Uber's staff was likely duped by the hacker, and this resulted in their systems being breached and compromised. The scale of the hack and the hacker's public actions indicate that they were not just highly skilled but also highly motivated.
Recently, there has been a steep rise in the number of young, carefree hackers who have a ton of free time on their hands and all the necessary skills needed to sway even the most cautious employees. They take their time to convince a target to make the smallest of cyber security errors that ultimately result in disaster.
Cyber attacks on businesses have rapidly increased over the last few years, and this particular type of hacking through social engineering has become more intense than ever. Such breaches and hacks have been reported recently by many other tech companies, including giants such as Microsoft and Twitter.
Although social engineering is nothing new, it has been used to persuade people long before computers existed. Reports of people sweet-talking their way around staff members to exploit businesses have existed since at least the 60s.
It is likely that the practice has been around for much longer. However, what makes it more dangerous today is that cybercriminals are capable of integrating employee slip-ups with highly complex yet user-friendly software that makes hacking a piece of cake, even for teenagers.
The recent accidental discovery in attempting to improve lithium sulphur batteries might just be what our planet needs. Read on to find out!
The market for point of care diagnostics has been greatly boosted by the rising frequency of chronic diseases and the rising demand for speedy testing, and this trend is anticipated to continue during the predicted period.
This fall, Sotheby's will auction three artworks by Willem De Kooning. Read ahead to find out more about De Kooning as an artist and how his three works have come up for auction.
Latest research has found a way to efficiently recycle lithium ion batteries while improving its capacity as well as efficiency. Read on to learn more.
In order to further improve its comparison engine, Douglas Insights has added reports on the 5G Edge Cloud Network And Services Market. These reports will ai...
Known as the third largest consumer of plastic and engineered polymers, the automotive sector uses it in manufacturing interior and exterior components of ca...
Douglas Insights has analysed various aspects of the Technical Textiles Market and revealed the changes in market trends due to increased awareness of techni...
With the addition of lithium sulphur battery market research reports, Douglas Insights has further extended its comparative engine, making it possible for en...