TREND NOW

Uber reportedly suffers major data breach mdash what you need to know Tom s Guide

Uber reportedly suffers major data breach mdash what you need to know Tom s Guide

Uber reportedly suffers major data breach - what you need to know Tom's Guide Skip to main content Tom's Guide is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here's why you can trust us.

Uber reportedly suffers major data breach - what you need to know

By Tom Pritchard published 16 September 2022 Uber's internal systems appear to have been hacked (Image credit: Photo Illustration by Omar Marques/SOPA Images/LightRocket via Getty Images) Update: Uber hacker also claims responsibility for Rockstar's major GTA 6 leak. If you're one of the many people that uses Uber to get around, you might want to pay attention. The ride-share company has confirmed that it's investigating a possible breach, and it sounds like this one is a doozy. According to the New York Times (opens in new tab), Uber discovered its computer network had been breached on Thursday. The breach reportedly compromised some of Uber's internal systems, with the alleged perpetrator sending images of emails, cloud storage and code repositories to the Times and cybersecurity researchers. The hacker made themselves known by infiltrating the Uber Slack channel, and sending out the message "I announce I am a hacker and Uber has suffered a data breach." This was followed by a list of internal databases they claim to have accessed, a message saying Uber drivers should get higher pay. as well as posting an explicit photo on an internal employee information page. Two anonymous Uber employees, who asked to remain anonymous, told the TImes that Uber is telling staff not to use the company's Slack channel. Meanwhile, other internal systems are said to be inaccessible.

What caused the alleged Uber data breach

So how did this happen? Well, the person claiming responsibility has been pretty chatty about the whole deal. The hacker told the New York Times that they sent a text message to an Uber worker, claiming to be a "corporate information technology person." This led to them persuading the Uber employee in question to hand over the password needed to gain access to Uber's internal VPN, which gave them access to the corporate network. The hacker also told Acronis CISO Kevin Reed (opens in new tab) (via ZDNET (opens in new tab)) that they were able to access "highly privileged credentials on network file shares," giving them access to the now-compromised systems. The hacker also claimed to be 18 years old and had been "working on his cybersecurity skills for several years". Apparently he broke into Uber's systems because of the company's weak security - or in other words, because he could.

A total compromise

Sam Curry, researcher from Yuga Labs, said that it looks like "a total compromise" and that the person responsible "pretty much [has] full access to Uber". That includes access to the company source code, emails and other internal systems. Curry shared similar sentiments on Twitter (opens in new tab), but told the Times that "it seems like maybe they're this kid who got into Uber and doesn't know what to do with it, and is having the time of his life." Internal emails show an Uber executive telling employees that the breach is being investigated, but there's no timeline on when full access will be restored. An Uber spokesperson told the Times they're investigating the breach, and are in contact with law enforcement. This isn't the first time Uber has suffered a hack of this magnitude. Back in 2016 information from 57 million driver and rider accounts was stolen and held for ransom. Uber paid $100,00 in ransom money and actively covered up the incident until it was exposed a year later (opens in new tab) - something the company only officially admitted to in July (opens in new tab). Joe Sullivan, the executive in charge of security, was fired as a result of the hack and is on trial for charges of obstruction of justice (opens in new tab) - on account of the hack not being disclosed to regulators.

How an Uber data breach could affect you

It's not clear how much the hacker has access to, or what they intend to do with any information they acquire. Sam Curry could be right, and this is just a kid who managed to scam his way into the system to cause some havoc. However, even if that's true, it doesn't discount any malicious intent. It's also not entirely clear which systems they have access to, and what sort of information they contain. There's not a whole lot that individual Uber users can do, but it is still worth changing your account password as a precaution. On top of that, if you have any accounts with the same password, change those too. Ideally you'll want to choose something unique, because using the same password multiple times is just asking for trouble. If you have trouble remembering them all, check out our list of the best password managers, and our guide on how to create strong passwords to keep your data safe.Today's best Apple MacBook Pro deals21 Amazon customer reviews (opens in new tab)☆☆☆☆☆ (opens in new tab) (opens in new tab)$1,999 (opens in new tab)View (opens in new tab) (opens in new tab) (opens in new tab)$3,499 (opens in new tab)View (opens in new tab) (opens in new tab) (opens in new tab)No price information (opens in new tab)Check Amazon (opens in new tab)We check over 250 million products every day for the best prices

Be In the Know

Get instant access to breaking news, the hottest reviews, great deals and helpful tips. Tom PritchardAutomotive EditorTom is the Tom's Guide's Automotive Editor, which means he can usually be found knee deep in stats the latest and best electric cars, or checking out some sort of driving gadget. It's long way from his days as editor of Gizmodo UK, when pretty much everything was on the table. He's usually found trying to squeeze another giant Lego set onto the shelf, draining very large cups of coffee, or complaining that Ikea won't let him buy the stuff he really needs online. More about security These misspelled websites are spreading nasty malware - how to stay safe ExpressVPN reviewLatest Bose QuietComfort 45 is Black Friday cheap right now and lowest price everSee more latest ► Topics Apps Security See all comments (0) No comments yet Comment from the forums MOST READMOST SHARED1Bose QuietComfort 45 is Black Friday cheap right now and lowest price ever2iOS 16 features - here's how to use everything new for your iPhone 3How to set up an iCloud Shared Photo Library4Mac Pro M2 just tipped for 2023 - with 48 CPU cores and 152 GPU scores5iOS 16 iCloud Shared Photo Library - what it is and how it works1iOS 16 features - here's how to use everything new for your iPhone 2How to set up an iCloud Shared Photo Library3Mac Pro M2 just tipped for 2023 - with 48 CPU cores and 152 GPU scores4iOS 16 iCloud Shared Photo Library - what it is and how it works5The best streaming services in 2022
Share:
0 comments

Comments (0)

Leave a Comment

Minimum 10 characters required

* All fields are required. Comments are moderated before appearing.

No comments yet. Be the first to comment!

Uber reportedly suffers major data breach mdash what you need to know Tom s Guide | Trend Now | Trend Now