Uber responding to “cybersecurity incident” following reports of significant data breach
Michael Hill reports:
Ride-hailing giant Uber has confirmed that it is responding to a cybersecurity incident as reports emerge that the firm has suffered a significant network data breach forcing it to shut down several internal communications and engineering systems.
Attacker announces Uber breach through compromised Slack account
In a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee’s Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.
Read more at CSO.
Lawrence Abrams of Bleeping Computer says the situation for Uber may even be worse than initially imagined:
Uber runs a HackerOne bug bounty program that allows security researchers to privately disclose vulnerabilities in their systems and apps in exchange for a monetary bug bounty reward. These vulnerability reports are meant to be kept confidential until a fix can be released to prevent attackers from exploiting them in attacks.
Curry further shared that an Uber employee said the threat actor had access to all of the company’s private vulnerability submissions on HackerOne.
BleepingComputer was also told by a source that the attacker downloaded all vulnerability reports before they lost access to Uber’s bug bounty program.
Read more at BleepingComputer.
One thing may be a safe bet: After all the continuing fallout from their attempt to cover up a 2016 data breach that resulted in fines and even criminal prosecution of their now-former security chief, Uber will not try to cover up this one.