Uber Security Breach Stemmed from Contractor, Believes Lapsus$ Behind Attack
20 September 2022 - 12:58AM
Dow Jones News
By Denny Jacob
Uber Technologies Inc. on Monday provided additional details in
connection with last week's security breach.
The ride-hailing company said an EXT contractor had their
account compromised by an attacker, according to a regulatory
filing. The company said it is likely the attacker purchased the
contractor's Uber corporate password on the dark web after their
personal device had been infected with malware. The contractor
accepted a two-factor login approval request after repeated
requests from the attacker, resulting in a successful login.
The San Francisco-based company said it believes the attacker or
attackers are affiliated with hacking group Lapsus$. The company's
investigation is still ongoing.
Uber said it hasn't seen that the attacker accessed its
production systems that power its apps, any user accounts or
databases it uses to store sensitive user information. The company
added that it reviewed its codebase and hasn't found that the
attacker made any changes. Uber also said it hasn't found that the
attacker accessed any customer or user data stored by its cloud
providers.
The attacker downloaded some internal Slack messages, as well as
accessed or downloaded information from an internal tool its
finance team uses to manage some invoices, Uber said, adding that
it is currently analyzing the downloads. The attacker was able to
access its dashboard at HackerOne, but any bug reports the attacker
was able to access have been remediated, Uber said.
Write to Denny Jacob at denny.jacob@wsj.com
(END) Dow Jones Newswires
September 19, 2022 18:43 ET (22:43 GMT)
Copyright (c) 2022 Dow Jones & Company, Inc.
Uber Technologies (NYSE:UBER)
Historical Stock Chart
Von Mär 2024 bis Apr 2024
Uber Technologies (NYSE:UBER)
Historical Stock Chart
Von Apr 2023 bis Apr 2024