SAN FRANCISCO– Uber said Thursday it contacted law enforcement after a hacker appeared to have broken into its network. A security engineer said the intruder provided evidence that he had gained access to vital systems of the dispatcher.
There was no evidence that Uber’s vehicle fleet or operations were affected in any way.
“It seems like they compromised a lot of stuff,” said Sam Curry, an engineer at Yuga Labs who communicated with the hacker. That includes full access to the Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, he said.
Curry said he spoke to several Uber employees, who said they were “working to lock everything down internally” to limit the hacker’s access. That included the San Francisco-based company’s internal messaging network Slack, he said.
He said there was no indication the hacker had done any harm or was interested in more than the public. “My gut feeling is that it looks like they want to get as much attention as possible.”
The hacker had alerted Curry and other security researchers to the intrusion Thursday night by using an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through its bug bounty program, which ethical hackers pay for paid to track down network weaknesses.
The hacker provided a Telegram account address, and Curry and other researchers then engaged them in a separate conversation, sharing screenshots of various pages from Uber’s cloud providers to prove they broke in.
The Associated Press tried to contact the hacker through the Telegram account where Curry and the other researchers chat with them. But nobody answered.
The New York Times reported that the person who claimed responsibility for the hack said they gained access through social engineering: They sent a text message to an Uber employee claiming to be a tech for the company, and persuaded the employee to hand over a password that gave them access to the network.
The Times said the hacker, aged 18, broke in because the company had weak security in place.
A screenshot posted to Twitter and confirmed by researchers shows a chat with the hacker, in which they say they socially engineered an administrator’s credentials.
Social engineering is a popular hacking strategy as humans tend to be the weakest link in any network. Teens used a similar trick to hack Twitter in 2020
Uber said via email that it is “currently responding to a cybersecurity incident. We are in touch with law enforcement.” It said it would provide updates on its Uber Comms Twitter feed.
The company has been hacked before.
Its former chief security officer, Joseph Sullivan, is currently on trial over allegations that he paid hackers $100,000 to cover up a 2016 high-tech heist that stole the personal information of some 57 million customers and drivers.
Copyright © 2022 by The Associated Press. All rights reserved.
https://6abc.com/uber-hacker-data-breach-sam-currey-yuga-labs/12233943/ Hacker claims to breach Uber network, security researcher says