On September 15th, Uber’s internal computer network was the victim of a hacking incident in which sensitive customer data was compromised. The company is currently investigating the extent of the damage and working to secure its systems to prevent future attacks.
“They pretty much have full access to Uber..”
Sam Curry, a security engineer at Yuga Labs
Uber Security Data Breach Timeline of events
The Uber security breach story is continuously evolving, and organizations need to stay aware of the latest developments. Here’s a recap of some Uber security incident key events:
We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us
Latha Maripuri, Uber’s Chief information security officer
In light of the Uber systems breach, employees have been unable to access certain tools such as Slack. This is a cause for concern as it leaves room for more potential threats.
Uber Data Breach announced
Uber tweeted about the ‘security incident’ and being in “touch with law enforcement on the matter.”
Uber hacker claims responsibility
The 18-year old Uber hacker, who went by the name of “Tea Pot,” claimed, in Uber’s private Slack channel, his access to Uber’s infrastructure as well as critical cloud services that the company uses, such as Amazon Web Services (AWS), Slack, and Google Workspace.
Uber hacker claims responsibility
The 18-year old Uber hacker, who went by the name of “Tea Pot,” claimed, in Uber’s private Slack channel, his access to Uber’s infrastructure as well as critical cloud services that the company uses, such as Amazon Web Services (AWS), Slack, and Google Workspace.
Uber statement
Uber claimed “no evidence that the incident involved access to sensitive user data (like trip history).”
Uber blames hacking group Lapsus$ for the attack
Uber attributed the data breach to Lapsus$-Affiliated Hacker group.
Uber attacker got access to almost everything and it includes the following:
- Slack Workspaces
- Google Workspace Admin
- AWS Accounts
- HackerOne Program
- SentinelOne EDR
- vSphere Dashboard, and
- Financial Dashboards
Uber Breach Analysis 2022 | Uber Attack Chain
Who hacked Uber?
Uber security data breach was carried out by an unnamed 18-year old hacker.
How did the hacker gain access to Uber internal computer network?
The hacker, who according to the New York Times, sent a text message to an Uber employee pretending to be a member of the company’s IT team. The 18-year old hacker then persuaded the employee to share a password to Uber’s virtual private network (VPN), which granted the hacker access to certain areas of the company’s systems.
How did Uber Security Data Breach hack happen?
According to Uber, the most likely explanation for how the hacker accessed their system is by purchasing the contractor’s password from the dark web. This was after their personal device had been infected with malware, which allowed the hacker to gain access to the corporate Uber account.
The initial Uber hack began when a hacker, who previously manipulated and social-engineered one of the company’s employees, gained access to the company’s internal network. From there, the hacker was able to launch MFA cyber-attacks, logged into the VPN and scanned their intranet.