Uber identifies hackers behind cyberattack

Share post:

Uber has issued a security update on its website stating that investigation is ongoing, and it will continue to provide updates on its response to last week’s security incident. It also stated that the cyberattack was carried out by a hacker linked to the Lapsus$ hacking group, which has previously targeted companies such as Nvidia, Samsung, Microsoft and Okta.

According to Uber, an Uber EXT Contractor account was compromised by the attacker using social engineering tactics, and the attacker most likely get the Uber company password of the contractor on the dark web after infecting the contractor’s personal device with malware and releasing that login credentials.

The attacker then tried to log into the contractor’s Uber account several times, each time receiving a two-factor access request that initially blocked access. However, the contractor eventually accepted one, and the attacker logged in successfully, then accessed several other employee accounts and granted the attacker elevated access to a range of tools, including G Suite and Slack.

Uber also stated that it responded by prioritizing the attackers’ lack of access to its systems, ensuring the security of user data, and investigating the scope and impact of the incident.

Other security measures include identifying compromised employee accounts, disabling affected internal tools, effectively resetting access to internal services, barring its code base, strengthening its MFA multi-factor authentication policies, and increasing surveillance.

Although there is no evidence that the attacker gained access to sensitive user data such as trip history, credit card numbers or bank accounts, the company has notified the FBI and the US Department of Justice about the incident.

The sources for this piece include an article in Uber.


Related articles

Apple faces backlash over recent ads

Apple is currently facing significant public backlash due to a controversial advertisement featuring a hydraulic press crushing various...

 Google executives face employee concerns amid profitsurge

At a recent all-hands meeting, Google employees voiced significant concerns regarding morale, cost-cutting measures, and the impact of...

Spotify CEO confesses to “rough times after layoffs” – stock price rises

In December, Spotify CEO Daniel Ek announced the largest round of layoffs in the company's history, cutting 1,500...

Zuckerberg shares his vision with investors and Meta stock tanks

In an era where instant gratification is often the norm, Meta CEO Mark Zuckerberg’s strategic pivot towards long-term,...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways