Uber was the victim of an internal hack last week, and now the ride-sharing company is releasing information about who is behind it.
Collection Smith/Gado/Getty Images
Surprisingly, the culprit was allegedly an 18-year-old hacker who was able to break into Uber’s internal systems (including G-Suite and Slack), exposing the company to a data breach.
The anonymous hacker got in touch New York Times and told the outlet that he was posing as an Uber IT worker and texted an Uber employee asking for his password, which gave him access to the internal systems.
“An Uber EXT contractor’s account was compromised by an attacker,” Uber said in a blog post yesterday. “The attacker then repeatedly tried to log into the contractor’s Uber account. The contractor received a two-factor login permission request each time, which initially blocked access. Eventually, however, the contractor accepted one and the attacker successfully logged in. “
Uber explained that they believe the hacker (or hackers) are part of the Lapsus$ group – based on the techniques they used to break into Uber’s systems – and also for hacks earlier this year at Microsoft, Samsung and Cisco are responsible.
They are also believed to be behind the recent leak at Rockstar Games, where footage from the latest iteration of the video game was seen call of Duty was compromised this week.
The company realized it had been compromised after the teen posted a message on the company-wide Slack channel.
Honestly an elegant way to hack someone @Above pic.twitter.com/fFUA5xb3wv
— Colton (@ColtonSeal) 09/16/2022
When using Slack, employees were reportedly redirected to a pornographic image with expletive captions, per Sources on Twitter.
“We are working with several leading digital forensics companies on the investigation. We will also take this opportunity to further strengthen our policies, practices and technology to further protect Uber from future attacks,” Uber said.
The company claimed none of its customer-facing services like Uber and Uber Eats had its data compromised, although the services were briefly impacted after internal tools had to shut down due to the hack.
Uber has struggled in recent years after a dramatic exit by former CEO Travis Kalanick in 2017 brought to light allegations of sexual harassment and discrimination at the company.
The company also faced a separate leak earlier in the summer when documents revealed questionable internal practices and company culture.
Uber was down nearly 21% year over year as of Tuesday afternoon.
