Uber logo billboard in front of the company's headquarters in San Francisco, California (file photo) After a major «hack», Uber continues to operate
Taxi service Uber said its system was operational after what its security experts called a «major data breach»
Last Thursday, a lone hacker was said to have announced a hack into Uber's system after apparently tricking an employee into providing their credentials.
Screenshots shared by the hacker with the company's security researchers show that the individual has gained full access to the cloud services where Uber stores customers' confidential and financial data.
It is not known how much confidential information the hacker stole, and how for a long time he was in the Uber computer network. The two cybersecurity experts spoke directly to the hacker, who claimed to be about 18 years old.
However, the files that the hacker gave them and which were then publicly posted on Twitter and other social networks showed that a hacker could have accessed Uber's most important internal systems.
“He really had high-level access. It's terrible,” said Leo Corbin, a cybersecurity researcher and head of business development at Zellic.
Corbin spoke to the hacker online.
He said the screenshots shared by the person showed that the attacker gained access to data stored on Amazon and Google cloud servers, where Uber stores the source code, as well as financial and personal data of customers, such as driver's licenses. .
In one of the screenshots, the hacker showed a breach of Uber Slack's internal collaborative system.
Sam Curry, a Yuga Labs engineer who also spoke to the hacker said there was no indication that the hacker did any damage or was interested in anything more than self-promotion. “I think [the crackers] want to get as much attention as possible,” Curry explained.
Curry admitted that on Thursday he spoke to several Uber employees who said they were “working to lock down everything inside” to restrict the hacker's access. That included Slack, a San Francisco-based company, he said.
In a statement posted online as early as Friday, Uber said that “internal software tools that … went offline yesterday at restored as a precaution.”
The company said that all of its services, including Uber Eats and Uber Freight, are working and that there is no evidence that the attacker gained access to “sensitive user data”, such as travel history.
Curry and Leo noted that the hacker did not indicate how much data he copied. At the same time, Uber did not recommend that its users take any specific actions, such as changing passwords.
How did the hacker achieve his goal?
Essentially, the hacker figured out the Uber employee's password. Then, posing as a work colleague, the hacker bombarded the employee with text messages asking him to confirm that he was logged into his account. In the end, the employee relented and provided the two-factor authentication code that the hacker used to log in.
“Social Engineering” is a popular hacking strategy since humans tend to be the weakest link in any network. Teenagers have used it in 2020 to hack Twitter, and more recently it has been used to hack tech companies Twilio and Cloudflare.
Uber has been hacked before
< br /> Former Uber security chief Joseph Sullivan is currently on trial for allegedly arranging $100,000 to be paid to hackers to cover up a 2016 high-tech heist that stole the personal information of about 57 million customers and drivers.