“I announce that I am a hacker and that Uber has suffered a data breach,” the message said.
This was followed by a flurry of reactions from emojis, including dozens showing what appeared to be siren symbols. People said that due to the hack, some systems including Slack and internal tools were temporarily disabled.
Internal screenshots obtained by The Washington Post showed the hacker claiming to have extensive access to Uber’s networks, apparently indicating that the hacker was motivated by the company’s treatment of its drivers. The person claimed to have taken data from popular software that Uber employees use to write new software.
Uber cited its statement on Twitter when asked to comment on the matter. The company did not immediately respond to questions about the extent to which inside information was compromised.
Uber has been waiting a year to report a massive breach of customer data
The New York Times first reported on the incident.
Uber previously had a breach in 2016 that exposed personal information of 57 million people around the world, including names, email addresses and phone numbers. It also included driver’s license information from nearly 600,000 American drivers. Two people gained access to the information via a “third-party cloud-based service” that Uber was using at the time.
Uber, which is headquartered in San Francisco, employs thousands of people globally who may have been affected by hackers disrupting the systems. The company has also come under fire for its treatment of drivers it has struggled to retain as contractors.
The hacker by the name of Uber posted a chat post at HackerOne, which runs a cross-section of researchers who report security vulnerabilities and the companies affected by them. Uber and other companies use this service to manage reports of vulnerabilities in their programs and to reward researchers who find them.
In that chat, seen by The Post, the alleged hacker claimed access to Uber’s Amazon Web Services account.
What to do if you get hacked
AWS did not immediately respond to a request for comment. (Jeff Bezos, founder of Amazon, owns The Post.)
In a subsequent interview on a messaging app, the alleged hacker told The Post that they hacked the company for fun and might leak the source code “in a few months.”
The person described Uber’s security as “horrible.”
Peiter “Mudge” Zatko’s Journey From Hacker To Twitter
Uber employees were taken aback by the sudden disruption of their workday, and some initially reacted to the spam as if they were a joke, according to the photos.
The hacker’s ominous posts were met with backlash depicting SpongeBob’s character Mr. Krabs, the popular “It’s Happening” GIF, and questions if the situation was a joke.
“Sorry to be stuck in the mud, but I think the IT team will appreciate fewer memes as they deal with the breach,” said one of the messages seen by The Post.
#Uber #suffers #computer #system #breach #alerts #authorities