Uber Technologies Inc., the popular ride-hailing company, on Thursday, suffered a computer system breach that forced it to take down several internal communications and engineering systems offline, reported the New York Times.
After the report was published, the breach was confirmed by Uber too in a tweet and said it was “responding to a cybersecurity incident.”
The company has instructed its employees not to use the workplace messaging app Slack, said the report, citing two people familiar with the matter. Due to the data breach incident, other internal systems were inaccessible too.
Apparently, a hacker had compromised an employee’s workplace messaging Slack app. Shortly before the messaging system was taken offline on Thursday afternoon, the hacker used it to send a message to Uber employees that it had suffered a data breach.
Update: A Threat Actor claims to have completely compromised Uber – they have posted screenshots of their AWS instance, HackerOne administration panel, and more.
— vx-underground (@vxunderground) September 16, 2022
“I announce I am a hacker and Uber has suffered a data breach,” read the message. The hacker also listed several internal databases in the message that were claimed to have been compromised.
The hacker, who claimed to be 18 years old, said he was driven by what he called weak security. “It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees,” the New York Times said.
Currently, it is unclear what information, if anything, was the alleged hacker able to access. Uber said it was investigating the breach and is in contact with the law enforcement officials and will post additional updates as and when they become available.
Keep watching this space for more updates, as this is a developing story!