The Business Times

Uber investigating computer network breach

    • Uber has contacted law enforcement, froze all Slack communications while it investigates the hacker’s claims.
    • Uber has contacted law enforcement, froze all Slack communications while it investigates the hacker’s claims. PHOTO: NYT
    Published Fri, Sep 16, 2022 · 09:58 AM

    UBER Technologies has shut down its internal Slack messaging system as it investigates a cybersecurity breach by a hacker claiming to have accessed sensitive company data.

    Employees on Thursday (Sep 15) received a Slack message from an unknown person claiming “I am a hacker”, said a source with knowledge of the matter. The perpetrator co-opted a staff member’s account and claimed to have gained access also to internal databases, the source added. The cyberattacker was an 18-year-old who managed to infiltrate a plethora of internal systems, providing snapshots of emails and code repositories to prove his exploits, the New York Times reported.

    Uber shares fell 5.2 per cent in pre-market trading in New York on Friday.

    The perpetrator or perpetrators appeared to have gained access to part of Uber’s Amazon and Google-hosted cloud infrastructure, said Sam Curry, a researcher with Yuga Labs who said he had been in contact with the attacker. They also got into the “HackerOne” system, which helps Uber with a so-called bug bounty program that rewards hackers for exposing and reporting vulnerabilities.

    “Pretty much everything,” Curry said when asked what got compromised. “They had access to all of HackerOne’s reports.” An Uber representative confirmed a breach had occurred but declined to elaborate.

    The company, which said on Twitter that it has contacted law enforcement, froze all Slack communications while it investigates the hacker’s claims. Uber’s ride-hailing and food delivery services appeared to be operating normally across the world, the sources said.

    Uber has run afoul of hackers before. It paid US$148 million to settle claims related to a large-scale data breach that exposed the personal information of more than 25 million of its US users in 2016. The New York Times reported the latest hack earlier on Thursday.

    “HackerOne supports its customers. We’re in close contact with Uber’s security team, have locked their data down, and will continue to assist with their investigation,” Chris Evans, its chief hacking officer, said in a statement. BLOOMBERG

    Uber

    Share with us your feedback on BT's products and services

    Feedback
    Latest T-bills Treasury Bills Results & Interest NewsLatest SSB Singapore Savings Bonds NewsLatest COE Certificate of Entitlement News
    Latest Johor-Singapore SEZ NewsLatest BTO Build To Order & Sales of Balance NewsLatest STI Straits Times Index NewsLatest SGX Dividends, Share Price NewsLatest Bonds Market NewsLatest Singapore Stocks To Buy NewsLatest Singapore Economy News
    View More