top line
Uber on Thursday He said It was investigating a “cyber security incident” and reported it to law enforcement after an alleged hacker claimed to have breached the company’s internal databases, a development potentially exposing critical information, including customer data.
key facts
The breach was first revealed in an internal message to Uber employees on the Slack messaging platform, where an unknown account wrote, “I’m a hacker and Uber has had a data breach.”
The alleged hacker shared images of “email, cloud and code repositories” with The New York Times And some researchers in the field of cyber security.
A screenshot of the alleged hacker’s message on Slack appears to have been initially viewed as a joke, with Uber employees interacting with a series of emojis according to screenshot Shared by the online malware database VX-Underground.
according to timesUber employees have been asked to stop using Slack while other internal communication channels also appear to be closed.
Sam Curry, a security engineer at Yuga Labs and one of the people the alleged hacker contacted, He said Screenshots show that Uber’s databases hosted on Amazon and Google’s cloud services appear to have been “completely hacked”.
The hacker allegedly gained access to Uber’s internal systems using a method known as social engineering where they masqueraded as an IT person at the company and convinced an employee to share their login credentials, times Report added.
Amazing fact
As part of the hack, the hacker appears to possess gain control From Uber’s HackerOne account the company uses for its bug bounty program. The program pays security researchers to inform the company of any vulnerabilities in their software or databases.
