Uber Internal Systems Has Been Hacked, Links Breach To Lapsus$ Group

Uber Hacked! Internal System Data Stolen In Cyberattack


  • According to Uber, the hacker did not gain access to “production systems.”
  • The user’s information appears secure.
  • According to Uber, Lapsus$ has also attacked Microsoft in the past.

Last week, an employee’s Slack app, a workplace messaging service, was hacked, resulting in an Uber data breach. The company has now admitted that a hacker group known as Lapsus$, which has been active lately, was responsible for the cyberattack. According to a blog post by Uber, the group frequently targets IT companies using similar techniques, and in 2022 alone, it managed to hack into Microsoft, Cisco, Samsung, Nvidia, and Okta, among other companies. Even more recently, it was reported that the same hacker group gained access to Rockstar Games, the company that developed GTA.

The extent of the attack was not immediately clear when reports of a potential data breach arose last week. Now that it has been made clear that the attacker gained access to multiple internal systems, Uber is still looking into whether there was any material impact.

Also Read: 15 Best uTorrent Alternatives In 2022 Which Offer Faster And Safer Downloads

The attacker, according to Uber, did not get access to the “production systems” that power its mobile apps. The company guarantees the security of user accounts and the databases it uses to hold sensitive user data, including trip information, bank account information, and payment card numbers. To provide an additional layer of security, Uber additionally encrypts personal health data and credit card information.

Uber admitted that an Uber EXT contractor’s account was compromised and described the attack’s method. On the dark web, the attacker seemed to have obtained the contractor’s corporate password. The attacker then made numerous attempts to access the Uber account of the contractor. Each time, the contractor got a request for two-factor login approval, which at first prevented access. The contractor eventually agreed to one, and the attacker was able to log in.

The hacker then gained access to several additional employee accounts, giving him or her enhanced access to numerous apps, including G-Suite and Slack. Uber “disabled many affected or possibly affected internal tools” as soon as it was made aware of the attack, and it “locked down” its “codebase, preventing any new code changes.”

As part of the probe, Uber claims it is still working with several top digital forensics firms. The company adds that it will use this chance to improve technology to lessen potential cybersecurity risks in the future.

About The Author