![]() In 2016, hackers stole information from 57 million driver and rider accounts and then approached Uber and demanded $100,000 to delete their copy of the data. It was not the first time that a hacker had stolen data from Uber. “We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” wrote Latha Maripuri, Uber’s chief information security officer. In an internal email that was seen by The New York Times, an Uber executive told employees that the hack was under investigation. “It seems like maybe they’re this kid who got into Uber and doesn’t know what to do with it, and is having the time of his life,” he said. The person appeared to have access to Uber source code, email and other internal systems, Mr. In the Slack message that announced the breach, the person also said Uber drivers should receive higher pay. He said he had broken into Uber’s systems because the company had weak security. The hacker, who provided screenshots of internal Uber systems to demonstrate his access, said that he was 18 years old and had been working on his cybersecurity skills for several years. “They have kits now that make it easier to deploy and use these social engineering methods. “We are seeing that attackers are getting smart and also documenting what is working,” Ms. Similar social engineering techniques were used in recent breaches at Microsoft and Okta. Tobac pointed to the 2020 hack of Twitter, in which teenagers used social engineering to break into the company. “These types of social engineering attacks to gain a foothold within tech companies have been increasing,” said Rachel Tobac, chief executive of SocialProof Security. ![]() The worker was persuaded to hand over a password that allowed the hacker to gain access to Uber’s systems, a technique known as social engineering. The person who claimed responsibility for the hack told The New York Times that he had sent a text message to an Uber worker claiming to be a corporate information technology person. It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees. ![]() The hacker compromised a worker’s Slack account and used it to send the message, the Uber spokesman said. Shortly before the Slack system was taken offline on Thursday afternoon, Uber employees received a message that read, “I announce I am a hacker and Uber has suffered a data breach.” The message went on to list several internal databases that the hacker claimed had been compromised. Uber employees were instructed not to use the company’s internal messaging service, Slack, and found that other internal systems were inaccessible, said two employees, who were not authorized to speak publicly. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |