Market Desk (Tech): UBER says, it’s investigating “cyber security incident” that the company’s internal systems have been breached.
The alleged hacker, who claims to be 18-year says, they have administrator access to company tools including AWS and Google Cloud Platform.
The New York Times reports that the ride-hailing business has taken multiple internal systems including Slack, offline while it investigates the breach.
But the company declined to answer additional questions and pointed to its statement on Twitter. “We are currently responding to a cyber security incident. We are in touch with law enforcement and will post additional updates here as they become available,” the statement reads.
In a conversation with cyber security researcher Corben Leo, they also claimed to have gained access to Uber’s systems through login credentials obtained from an employee via social engineering, which allowed them to access an internal company VPN. From there, they found PowerShell scripts on intranet containing access management credentials that allowed them to allegedly breach AWS and G Suite accounts.
UBER said Friday that its services were all operational and that it had “no evidence that the incident involved access to sensitive data” such as users’ trip history.
Employee software tools shut down as a precaution were being gradually restarted, the San Francisco based company added.
However, the cyber security expert says, “whether it be phishing/SMS attacks or a simple phone call to get an employee to give up their credentials, ‘social engineering’ is going to be the easiest route for a malicious actor.”