Uber announced it was investigating a cybersecurity incident, after a report that its network was breached, forcing the company to shut several internal communications and engineering systems.
A hacker had compromised an employee’s account on the workplace messaging app Slack and used it to send a message to Uber employees announcing that the company had suffered a data breach, according to a New York Times report on Thursday that cited an Uber spokesperson.
This is not the first time Uber has experienced an attack on its systems. Back in 2016, it suffered a massive hack 2016 that exposed the personal information of about 57 million of its customers and drivers.
It appeared the hacker was able to gain access to other internal systems, posting an explicit photo on an internal information page for employees, the Times report added.
Uber staff had been instructed to not use Slack, which is owned by Salesforce Inc, according to the report. Other internal systems were inaccessible too.
A person assumed responsibility for the hack and told the paper that he had sent a text message to an Uber employee claiming to be a corporate IT person. The worker was persuaded to hand over a password that allowed the hacker to gain access to Uber’s systems, the report said.
Uber’s HackerOne account that the company uses for its bug bounty program, but the hacker reportedly gained access through this account and it currently appears disabled.
Leave a reply