Uber assures no sensitive user data was compromised during attack


Uber says there is no evidence that sensitive user data was compromised during an attack that occurred on Thursday, 15 September 2022.

The company also said its internal software tools are fully operational again after it shut them down as a precaution.

“We have no evidence that the incident involved access to sensitive user data (like trip history),” Uber said.

“All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational.”

The ride-hailing company reiterated that it had notified law enforcement of the issue.

The Hacker News spoke to independent security researcher Bill Demirkapi, who described Uber’s stance on the matter as “sketchy”.

“‘No evidence’ could mean the attacker did have access, Uber just hasn’t found evidence that the attacker *used* that access for ‘sensitive’ user data,” The Hacker News quoted Demirkapi as saying.

“Explicitly saying ‘sensitive’ user data rather than user data overall is also weird.”

The malicious actor who gained access to Uber’s systems through a social engineering attack compromised its internal systems, email dashboard, and Slack server.

The attacker also accessed Uber vulnerability reports and shared screenshots which appear to prove that they had access to Uber’s critical IT systems.

Compromised critical systems included Uber’s security software, Windows domain, Amazon Web Services console, email admin dashboard, and Slack server — to which the attacker posted messages.

The hacker revealed they could access Uber’s IT systems after performing a social engineering attack on an employee, through which they managed to steal the employee’s password.
