(Reuters) – Uber Technologies Inc said on Monday that a hacker affiliated with hacking group Lapsus$ was responsible for a cyber attack that forced the car booking company to temporarily shut down several internal communications last week.
Uber (NYSE:) said the attacker did not gain access to any user accounts and databases that store sensitive user information such as credit card numbers, bank account or flight details.
“The attacker gained access to several internal systems, and our investigation has focused on determining whether there was any physical impact,” Uber said, adding that the investigation was still ongoing.
The company said it was coordinating closely with the FBI and the US Department of Justice on the matter.
Friday’s cybersecurity incident disrupted Uber’s internal communication system for a while, and employees were restricted to using the Salesforce-owned Slack office messaging app.
Uber said the attacker logged into the contractor’s Uber account after he accepted the two-log-approval request after multiple requests, giving the hacker access to several employee accounts and tools such as G-Suite and Slack.
The hacking group Lapsus$ targeted companies including Nvidia (NASDAQ :), Microsoft Corporation (NASDAQ 🙂 and Okta (NASDAQ :)), an authentication services company that thousands of major companies rely on.
$Lapsus could not immediately be reached for comment.
The hacker, dubbed a “teapotuberhacker”, also claimed to have leaked early screenshots of the much-anticipated Take-Two (NASDAQ:) Interactive Software Inc game “Grand Theft Auto VI” on Monday.
The hacker posted a message on the forum about seeking to “negotiate a deal” with the video game company.