Uber staff told to stay off Slack after hack

16 Sep 2022

Image: © Proxima Studio/Stock.adobe.com

The hacker reportedly accessed Uber’s systems through a phishing attack, a tactic that has been utilised in other high-profile hacks such as the recent Twilio data breach.

Uber is investigating a “cybersecurity incident” after a hacker shared evidence that they had gained access to the company’s internal systems.

As a result of the breach, Uber was forced to shut down some of its internal communications and engineering systems, according to The New York Times which first reported the incident.

Two employees told The New York Times that they were instructed not to use Slack, the messaging platform used by Uber staff, following the incident. The hacker reportedly messaged Uber staff yesterday (15 September), listing the internal databases that had been compromised.

Screenshots shared by the hacker appear to show full access to many Uber IT systems, including its security software, AWS console, Slack server and Google Workspace email admin dashboard, BleepingComputer reports.

Uber confirmed the breach earlier today (16 September) on Twitter. The company said it is “in touch with law enforcement” and will share updates when they become available.

Reporters from The New York Times said they spoke to the hacker, who claimed to have gotten the password of an Uber employee through a phishing attack. The hacker claimed they pretended to be with corporate IT and tricked the employee.

These types of social engineering attacks have been utilised in several high-profile data breaches in recent months. The Twilio data breach happened after employees were tricked into sharing their login credentials.

The hackers behind the Twilio breach appear to be conducting an “unprecedented” phishing campaign, compromising more than 130 organisations, according to a report by cybersecurity company Group-IB last month.

This isn’t the first time Uber has been subject to a data breach. The company faced a massive hack in 2016 that exposed the data of 57m customers and drivers.

Uber’s chief security officer at the time, Joe Sullivan, was fired for allegedly trying to conceal the breach and is now facing wire fraud charges.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com