The ride-hailing and food delivery company uber was hit by a cybersecurity incident on Thursday.
On Thursday afternoon a hacker gained access to vulnerability reports and shared screenshots of the company’s internal systems, email dashboard, and Slack server.
After the incident, Uber said it was investigating a cybersecurity incident that its network was breached and the company had to shut down several internal communications and engineering systems.
The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of the email, cloud storage, and code repositories to cybersecurity researchers.
Sam Curry, a researcher of Yuga Labs said he had been in contact with the attacker. When Sam asked what got compromised. “They had access to all of HackerOne’s reports.” An Uber representative confirmed a breach had occurred but declined to elaborate.
Uber has yet to offer additional details about the incident, but it seems that the hacker, believed to be an 18-year-old teenager, social-engineered the employee to get hold of their password by masquerading as a corporate IT person and used it to obtain a foothold into the internal network.
The company instructed employees not to use the workplace messaging app Slack.
After seeing some screenshots leaked on Twitter, an attacker has compromised Uber’s AWS cloud account and its resources at the administrative level, gained admin control over the corporate Slack workspace as well as its Google G Suite account that has over 1PB of storage in use, has control over Uber’s VMware vSphere deployment and virtual machines, access to internal financial data, such as corporate expenses, and many more.
Uber, in a tweet, acknowledged the data breach and said that the matter is currently under investigation, “We are in touch with law enforcement and will post additional updates here as they become available,” the company said in tweet.
The New York Times, which first reported on the breach, said they spoke to the threat actor, who said they breached Uber after performing a social engineering attack on an employee and stealing their password.
Slack said in a statement that the company was investigating the incident and that there was no evidence of a vulnerability inherent to its platform.