On Thursday, Uber employees received an alert on the company’s intranet: “I’m reporting that I’m a hacker and Uber has had a data breach.” The company shut down several of its communications and engineering systems to establish the extent of the hack.
The infiltration compromised many of Uber’s internal systems. The person who claimed responsibility for the hack sent images of email, cloud storage, and code repositories to cybersecurity researchers and The New York Times .
“They most likely have full access to Uber,” commented Sam Curry, a security engineer at Yuga Labs who corresponded with the hacker.
An Uber spokesperson said the company is investigating the breach and has contacted law enforcement. Employees have been ordered not to use Slack’s internal messaging service. They also found that other internal systems were not available.
Shortly before the Slack system was shut down on Thursday afternoon, Uber employees received a hacker message. The message went on to list the databases that the hacker claimed had been compromised. The message also contained a statement that Uber employees should be paid more.
According to an Uber spokesperson, a hacker hacked into an employee’s account and used it to send a message. It was later revealed that the hacker was able to gain access to other internal systems by posting a candid photo on the internal employee information page.
The hacker told The New York Times that he sent a text message to an Uber employee claiming he was an enterprise information technology specialist. He convinced them to hand over a password that allowed the hacker to access Uber’s systems.
The young man said that he was 18 years old and that he had been working on acquiring cybersecurity skills for several years. According to him, he hacked Uber’s systems after seeing their weak protection.
Uber said that Ukrainians most often forget in a taxi