A hacker gained access to Uber data in the US

Digital companies platform Uber has contacted regulation enforcement after the system was allegedly breached by a hacker, a supply at the San Francisco-based firm stated.

According to a supply linked to the digital safety sector, a hacker (pc hacker) will acquire access to the principal system of street transport companies (Individual and Paid Transportation of Passengers in Uncharacterized Vehicles, Portuguese title).

At this time, Uber will not be saying how a lot harm it could have prompted to the automotive service.

“It seems to be like they bought access to quite a lot of issues,” stated Sam Curry, a pc engineer at the firm who communicated with the hacker by way of textual content messages.

You will get access to the “cloud” of Amazon and Google

According to Curry, the hacker gained access to the “cloud” (cloud) of Amazon and Google, the place Uber shops buyer codes and data.

The pc engineer stated he requested the firm’s workers to “shut down every thing (inner programs) to restrict the hacker’s actions, together with the Slack digital messaging platform, which operates in the metropolis of San Francisco, USA.”

Sam Curry additionally stated the hacker “did not imply any hurt”, including that he simply wished “protagonism”.

“I really feel like they need as a lot consideration as doable.”

A hacker alerted Curry and different digital safety specialists at Uber to the intrusion Thursday evening utilizing an inner firm account.

The hacker additionally commented on beforehand found vulnerabilities in the firm’s community.

During the contact, the hacker offered a Telegram community deal with and exchanged messages with Curry and different Uber workers in a separate dialog, sharing screenshots of varied pages taken in the firm’s “cloud”, proving the intrusion into the firm’s inner system.

The Associated Press tried to contact the hacker via a Telegram account offered by Sam Curry, however didn’t obtain a response.

The New York Times reported that the individual liable for the cyberattack stated he gained access in a easy approach: He despatched a message to an Uber worker posing as an Uber technician, convincing him to efficiently ship a password to access the total digital system.

“Very weak safety system”

The American newspaper reviews that the hacker claims to be 18 years previous and that he allegedly wished to show that Uber “is an organization with a really weak safety system.”

The identical technique of acquiring key phrases via direct contacts (social engineering on behalf of hackers) was used in 2020 towards the social community Twitter.

In the case of Twitter, hackers additionally requested key phrases by way of messages impersonating workers of the social community.

Uber instructed The Associated Press that it’s “addressing the cybersecurity subject” and has reported the information to regulation enforcement.

Uber has been the goal of different cyber assaults in the previous.

Former IT safety chief Joseph Sullivan is on trial on suspicion of paying a hacker $100,000 to cowl up a 2016 assault that stole the private data of 57 million Uber prospects and drivers.

Leave a Comment

Your email address will not be published.