Uber hacked, company assessing severity of losses
William Gallagher
Uber says it is working with law enforcement to investigate a data hack that may have given a hacker widespread access to all of the firm's data and systems.
This is not the first time that Uber has been hacked, but as yet it's not known to what extent the breach has been successful.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
Uber has tweeted about the incident, and according to the Wall Street Journal, it is confirmed that a hacker did gain at least some access.
Reportedly, the hacker first gained access to Uber's account with security firm HackerOne. That firm's researchers say that the hacker provided screenshots showing Uber's systems ranging from its Amazon Web Services accounts, to Google cloud services.
"We got alerted to this promptly by our customer Uber," Marten Mickos, HackerOne's chief executive, said in a text message to the publication. "We locked access to their data in order to protect it. We have a team assisting them in their investigation."
It's not clear how the hack was initially identified, and the Wall Street Journal says it has not been able to verify the hacker's claims. That includes whether the hacker is one identifying himself or herself as Tea Pot.
Tea Pot has both claimed to be the hacker, and reportedly said that the hack was done by tricking an Uber employee into giving them access to the company's private network.
If the breach is as severe as reported, it won't be the company's first massive breach.
Former Uber security chief, Joe Sullivan, was fired after a 2016 data breach. He is this week standing trial over accusations that he paid the hackers' ransom in order to hide that there had been a breach. Sullivan denies this.
Andrew Orr
Sponsored Content
Malcolm Owen
Mike Wuerthele
