People were alarmed by the latest news that Uber, a popular transport service, was struck by a data breach after unknown hackers accessed their critical computer systems, including their Windows domain and security servers.
According to reports, as also seen by our researchers in iZOOlogic, the unknown hackers have accessed the firm’s internal computer systems, compromising critical data such as vulnerability reports, email dashboards, AWS console, VMware ESXi VMs, and Slack servers.
The alleged unauthorised access was initiated through malicious actors hacking into an Uber employee’s Slack account through social engineering. Afterwards, the hackers sent a message to all other Uber staff to announce that the company’s data had been breached.
The threat actors also revealed screenshots showing which internal databases were involved in their alleged access to Uber’s computer systems.
Cybersecurity experts believe that one of the most critical assets the hackers could have accessed was Uber’s HackerOne bug bounty program.
The threat actors in this incident have commented on all user vulnerability submissions, even from years ago, indicating that they could exploit the reported vulnerabilities for other attack operations. This issue is also severe because hackers could abuse vulnerabilities that have not yet been fixed or sell them to other threat actors in underground forums.
The HackerOne bug bounty program has been disabled as part of the threat mitigation. All Uber employees were also told to refrain from using Slack.
Uber has temporarily taken its engineering systems offline as the investigation for the security incident is ongoing. The transport firm also stated that they have contacted relevant authorities to aid with the situation and will disclose important updates as it becomes available.
With operations in about 10,500 cities in over 70 countries, Uber is one of the largest transportation and ride-sharing services globally. As cyberattacks continue to hit giant corporations, the safety of customers and partners will always be at risk.
It is strongly recommended that all Uber app users change their passwords and activate multi-factor authentication (MFA) as soon as possible. Furthermore, users must observe any suspicious activities in their accounts and report them immediately if they occur.
