“I announce i’m a hacker and uber has suffered a knowledge breach,” the message mentioned.
It was adopted by a flurry of response emoji, together with a number of dozen exhibiting what gave the impression to be a siren symbols. Due to the hack, the folks mentioned, some methods together with Slack and inside instruments have been briefly disabled.
Inner screenshots obtained by The Washington Put up confirmed the hacker claiming to have wide-ranging entry insider Uber’s company networks and appeared to point the hacker was motivated by the corporate’s remedy of its drivers. The individual claimed to have taken information from frequent software program utilized by Uber staff to write down new applications.
Uber pointed to its tweeted assertion when requested for touch upon the matter. The corporate didn’t instantly reply to questions in regards to the extent to which inside info might have been compromised.
The New York Instances first reported the incident.
Uber beforehand suffered a breach in 2016 that uncovered private info of 57 million folks world wide, together with names, e-mail addresses and telephone numbers. It additionally included drivers license data from roughly 600,000 U.S. drivers. Two people accessed the knowledge through “a third-party cloud-based service” utilized by Uber on the time.
Uber, which is predicated in San Francisco, employs 1000’s of individuals globally who might have been affected by the hacker’s obstruction of methods. The corporate has additionally come beneath hearth for its remedy of drivers, who it has fought to maintain as contractors.
The hacker posted as Uber on a chat operate at HackerOne, which runs interference between researchers who’re reporting safety vulnerabilities and the businesses who’re affected by them. Uber and different corporations use that service to handle studies of safety flaws in its applications and to reward researchers who discover them.
In that chat, which was seen by The Put up, the alleged hacker claimed entry to Uber’s Amazon Internet Companies account.
AWS didn’t instantly reply to a request for remark. (Amazon founder Jeff Bezos owns The Put up.)
In a subsequent interview on a messaging app, the alleged hacker advised The Put up that that they had breached the corporate for enjoyable and may leak supply code “in just a few months.”
The individual described Uber safety as “terrible.”
Uber staff have been caught off guard by the sudden disruption to their workday, and a few initially reacted to the alarming messages as in the event that they have been a joke, in accordance with the screenshots.
The hacker’s ominous posts have been met with reactions apparently depicting the SpongeBob character Mr. Krabs, the favored “It’s Taking place” GIF and queries as as to whether the scenario was a prank.
“Sorry to be a stick within the mud, however I believe IT would respect much less memes whereas they deal with the breach,” one message seen by The Put up mentioned.