View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 16, 2022

Uber cyberattack: ride-hailing giant’s systems compromised in apparent social engineering breach

A large number of internal systems appear to have been compromised in the breach.

By Matthew Gooding

Uber is investigating a cyberattack on its systems in which hackers appear to have gained significant access to the company’s system. The hacker who claims to be behind the breach says they gained access to the Uber’s network through a social engineering attack on an employee.

Uber is investigating a cyberattack (pic: MOZCO Mateusz Szymanski/Shutterstock)

The ride-hailing giant confirmed it was investigating a possible breach overnight, and is working with law enforcement agencies.

Its statement came after the New York Times reported that the hacker had gained access to Uber’s internal Slack messaging system and was posting messages taunting staff.

Uber cyberattack: which systems have been compromised?

According to the Times report, Uber shut down its Slack on Thursday after the hacker posted a message stating “I announce I am a hacker and Uber has suffered a data breach,” before going on to list all the systems they had comprised.

Screenshots posted online apparently show that the cybercriminal had gained access to Uber’s AWS instance, as well as the controls of its security platform HackerOne.

Other screenshots posted on Twitter seem to show an Uber account on Google’s G-Suite with over one petabyte of storage in use, as well as the company’s VMware vSphere virtual machine infrastructure.

Uber has not confirmed whether any customer or driver data has been affected by the breach. Tech Monitor has contacted the company to request further information.

How did the Uber breach happen?

It is thought the hacker tricked an Uber employee into handing over login details by pretending to be a member of the company’s IT team. Screenshots from Telegram appear to show the hacker boasting they had been able to connect to Uber’s VPN using the stolen credentials and scour the company’s internal systems.

Social engineering is a common method used by criminals to gain access to networks, particularly since the Covid-19 pandemic and the rise of remote working. Techniques include bogus phishing emails, as well as more sophisticated methods such as deep fake videos and audio which are used to trick company into handing over confidential information.

Read more: AI will extend the scale and sophistication of cybercrime

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.