Uber investigates massive security breach by Teen Hacker
Uber is investigating a breach of the company’s most sensitive data – including financial documents, internal messages and who else knows – by someone who told the New York Times he was only 18 years old. hacker post shots From their alleged exploits on Telegram Thursday to the announcement of the hack in Uber’s internal Slack channels that evening, apparently leading some employees to believe it was a joke, according to Washington Post.
The hacker allegedly breached Uber’s systems by posing as someone from the company’s IT team and obtaining the employee’s password through a text message, according to times, who described the hack as a “complete compromise” for Uber. Screenshots of the alleged hack posted on Telegram show access to hacker oneAnd the Amazon Web ServicesAnd the vSphereAnd the Google workspaceAnd the Uber’s financial statements.
The hacker announced himself Thursday by posting an image of an erect penis on internal websites with the message “FUCK YOU DUMB WANKERS,” according to luck magazine, although it remains unclear how long the hacker may have gained access to Uber’s data. Just because the hacker announced himself on Thursday doesn’t mean he was able to gain access that day.
Hacker message in Uber’s internal Slack channel shows people’s response to it emoji He explains why some employees think it’s a joke:
I declare I’m a hacker and Uber has had a data breach.
Slack has been robbed, and confidential data with Confluence, stash and 2 monorepos from phabricator, along with secrets from sneakers, have also been stolen.
It’s obviously quite possible that the hacker or hackers aren’t actually just an 18 year old doing it for lulz, and this could be the work of the government or an organized criminal organization. But if you wanted to look like an immature teenager just scamming a big company, you would surely screw up internal websites with your rooster and say “Damn you idiots.” This is also what a purebred (presumably British) teenager would say.
An Uber spokesperson declined to comment on the details of the hack overnight, saying only that they are “currently responding to a cybersecurity incident” and are “in contact with law enforcement.” Uber said it will provide updates through it Uber coms Twitter account, although this account has not been updated since 9:25 PM ET on Thursday.
Uber suffered a ransomware attack back in 2016, with sensitive information on 57 million users compromise, including driver’s license information, but the company kept it a secret for more than a year. The company paid the hackers $100,000 and fired two executives after the incident.
If it turns out that the hacker is a lone wolf that does not belong to any nation state and is only 18 years old, then the hack will follow in Long tradition of teenage pirates who penetrated sensitive areas just because they could. But if it’s really easy to engineer a social hack that has opened seemingly endless doors on Uber’s back end, you know someone who can profit will take notice next time. Because when it comes to hacking, there is always time to come. Get your shit together, Uber.