After learning that its network has been compromised, Uber Technologies Inc (UBER.N), shut down its services and internal communication systems. The company announced the attack on Thursday, adding that the incident is being investigated.
According to sources, a hacker infiltrated an employee’s Slack account and used it to send a message to Uber employees informing them of the data breach. Upon sending out the message, the hacker accessed internal files and uploaded explicit images on an internal information page for employees.
Uber cybersecurity incident
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
The attack occurred when the hacker took over the Slack account of Uber employees and shared messages with other employees about a breach. According to sources, the message in the hack began with, “I announce I am a hacker and Uber has suffered a data breach,” and claimed that several internal databases had been compromised.
To initiate the attack, the hacker texted an Uber employee under the disguise of a corporate IT professional and convinced the employee to divulge a password that gave the hacker access to Uber’s computer systems.
Uber Technologies, Inc. is a popular mobility service provider. It allows users to book cabs via its mobile app and works similarly to radio taxis, but it uses the mobile app instead of taking bookings via calls. Based in San Francisco, with operations in approximately 72 countries and 10,500 cities, Uber is one of the largest taxi service providers in the world.
Uber and Slack react to the incident
Uber Tweeted about the incident and said, “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”
Slack, a popular messaging app for businesses, responded to the incident and said that the event had been investigated and no proof had been found about the platform’s vulnerability. Slack’s parent company, Salesforce Inc, said, “Uber is a valued customer, and we are here to help them if they need us.”
The companies are looking into the incident, and Uber employees have been instructed not to use Slack until the issue has been resolved.