On September 16, the VTC company Uber was the victim of a cyberattack. Many internal systems have been compromised. The hacker had access to computer systems, including the company’s security software and the Windows domain. In a tweet, Uber said he has contacted law enforcement and is investigating who the target was.
the New York Times more precisely investigated the process of the computer attack. The hacker, who says he is 18, said he texted an Uber employee claiming to be the company’s information technology manager.
The employee was convinced to provide a password that would allow the hacker to access Uber’s systems. Then Uber’s Slack communication system went offline and employees received a message from the hacker: “I announce that I am a hacker and that Uber has suffered a data breach.”
Inaccessible internal systems
Uber employees were later told not to use Slack and found other internal systems inaccessible. It appears that the hacker was able to gain access to other internal systems, posting an explicit photo on an internal employee information page. According to Sam Curry, an IT security expert, some workers thought the intruder’s messages were a prank and continued to use Slack despite instructions.
The hacker would also have had access to the Hacker One system, a rewards program for hunting bugs and attacks. HackerOne has cut off access to internal Uber documents made public on its platform.
At the moment, access to the Uber and Uber Eats applications has not been affected.
Source: BFM TV
