Uber Security Data Breach

On September 15th, Uber’s internal computer network was the victim of a hacking incident in which sensitive customer data was compromised. The company is currently investigating the extent of the damage and working to secure its systems to prevent future attacks.

“They pretty much have full access to Uber..”

Sam Curry, a security engineer at Yuga Labs
Uber tweeted about the incident

Uber Security Data Breach Timeline of events

The Uber security breach story is continuously evolving, and organizations need to stay aware of the latest developments. Here’s a recap of some Uber security incident key events:

We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us

Latha Maripuri, Uber’s Chief information security officer

In light of the Uber systems breach, employees have been unable to access certain tools such as Slack. This is a cause for concern as it leaves room for more potential threats.

September 15, 2022

Uber Data Breach announced

Uber tweeted about the ‘security incident’ and being in “touch with law enforcement on the matter.”

September 15, 2022
September 16, 2022

Uber hacker claims responsibility

The 18-year old Uber hacker, who went by the name of “Tea Pot,” claimed, in Uber’s private Slack channel, his access to Uber’s infrastructure as well as critical cloud services that the company uses, such as Amazon Web Services (AWS), Slack, and Google Workspace.

September 16, 2022
September 16, 2022

Uber hacker claims responsibility

The 18-year old Uber hacker, who went by the name of “Tea Pot,” claimed, in Uber’s private Slack channel, his access to Uber’s infrastructure as well as critical cloud services that the company uses, such as Amazon Web Services (AWS), Slack, and Google Workspace.

September 16, 2022
September 17, 2022

Uber statement

Uber claimed “no evidence that the incident involved access to sensitive user data (like trip history).”

September 17, 2022
September 19, 2022

Uber blames hacking group Lapsus$ for the attack

Uber attributed the data breach to Lapsus$-Affiliated Hacker group.

September 19, 2022

Uber attacker got access to almost everything and it includes the following:

  • Slack Workspaces
  • Google Workspace Admin
  • AWS Accounts
  • HackerOne Program
  • SentinelOne EDR
  • vSphere Dashboard, and
  • Financial Dashboards

Uber Breach Analysis 2022 | Uber Attack Chain

Who hacked Uber?

Uber security data breach was carried out by an unnamed 18-year old hacker.

How did the hacker gain access to Uber internal computer network?

The hacker, who according to the New York Times, sent a text message to an Uber employee pretending to be a member of the company’s IT team. The 18-year old hacker then persuaded the employee to share a password to Uber’s virtual private network (VPN), which granted the hacker access to certain areas of the company’s systems.

How did Uber Security Data Breach hack happen?

According to Uber, the most likely explanation for how the hacker accessed their system is by purchasing the contractor’s password from the dark web. This was after their personal device had been infected with malware, which allowed the hacker to gain access to the corporate Uber account.

The initial Uber hack began when a hacker, who previously manipulated and social-engineered one of the company’s employees, gained access to the company’s internal network. From there, the hacker was able to launch MFA cyber-attacks, logged into the VPN and scanned their intranet.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top