Uber Hacker Claims Widespread Computer Access Following Breach

Uber Technologies Inc. has responded to a cybersecurity breach allegedly caused by a hacker who claimed to have gained widespread access to the company's computer systems.

Source: WSJ | Published on September 16, 2022

Cyber attack against LinkedIn, Snapchat, X, Venmo

"We are currently investigating a cybersecurity incident." "We are in contact with law enforcement and will post any additional updates here as they become available," the ride-hailing company said on Thursday night via Twitter.

According to the company and researchers on the platform, on Thursday, a hacker identified only by the Telegram handle Tea Pot gained control of Uber's account with HackerOne, a firm that helps companies work with security researchers. According to the researchers, the hacker provided screenshots that appeared to show widespread access to a variety of administrative accounts that manage Uber's technology systems, including the company's Amazon Web Services and Google clouds, as well as VMware Inc.'s systems.

If the hacker's claims are true, the incident would represent a significant breach for the company, according to cybersecurity consultant Robert Graham.

"It's all of their IT data." And because they're an IT firm, it's everything," he explained.

Apart from the HackerOne account compromise, The Wall Street Journal was unable to confirm Tea Pot's other claims.

"We were promptly alerted to this by our customer Uber," said Marten Mickos, CEO of HackerOne, in a text message. "In order to protect their data, we restricted access to it." We are assisting them with their investigation."

Tea Pot informed Sam Curry, a Yuga Labs security engineer, that they had duped an Uber employee into granting them access to Uber's virtual private network. Once on the network, the hacker was able to obtain additional credentials that granted greater access.

Tea Pot, who was reached via Telegram late Thursday, claimed to be the hacker but did not respond to questions about the hack.

Uber's latest cybersecurity issue comes just over a week after a trial began over the role of its former security chief in responding to an earlier hack.

Uber experienced a data breach in 2016 that affected approximately 57 million records. Millions of riders' names, emails, and phone numbers, as well as approximately 600,000 driver's license numbers, were accessed. Uber disclosed the breach a year later and said it paid the hackers $100,000.

The company announced at the time that its chief security officer and deputy had been fired for their roles in the company's response to the breach. Joe Sullivan, the security chief, is now on trial, facing criminal obstruction charges for his role in paying the hackers. The trial began last week in United States District Court in San Francisco.