CureZone   Log On   Join
Image Embedded Uber Tumbles After Admitting Cybersecurity Incident That "Compromised Internal Systems"
 

J.Crow’s® Lugol’s Iodine
Free S&H.Restore lost reserves.J.CROW’S®Lugol’s Iodine Solut...



Turmeric Bowel Cleanse
Hulda Clark Cleanses


turiya Views: 197
Published: 26 m
 

Uber Tumbles After Admitting Cybersecurity Incident That "Compromised Internal Systems"


Uber Tumbles After Admitting Cybersecurity Incident That "Compromised Internal Systems"

teaser image

“I announce I am a hacker and uber has suffered a data breach,”

 

Uber did not provide further details regarding the cybersecurity incident, however, The New York Times, which first reported the incident, said that a hacker managed to gain access to the company’s office messaging app Slack and used it to post a message to Uber employees.

“I announce I am a hacker and uber has suffered a data breach,” the message reportedly read.

According to the publication, Uber promptly took several of its internal communications and engineering systems offline while it launched an investigation into the extent of the breach.

Screenshots of the incident obtained by The New York Times and The Washington Post showed the hacker claiming to have access to a number of Uber’s internal systems and corporate networks.

According to the Washington Post, the hacker was prompted to conduct a security breach due to Uber’s treatment of its drivers.

Uber’s labor practices have repeatedly come under fire; the company designates its drivers as “contractors”, meaning they are not entitled to increased worker’ rights, protections, and other benefits.

Uber vehicles line up at the new ‘LAX-it’ ride-hail passenger pickup lot at Los Angeles International Airport (LAX) in Los Angeles on Nov. 6, 2019. (Mario Tama/Getty Images)

Uber's share prices is down 5% in the pre-market

Simple Text Message

The individual claiming to be behind the security breach told The New York Times that they had simply sent a text message to an Uber worker pretending to be a corporate IT person and were promptly provided with a password that allowed them to gain wide-reaching access to Uber’s systems.

Rachel Tobac, the CEO of SocialProof Security, which helps train firm’s on how to defend against cyber criminals, wrote on Twitter that there has been a major increase in SMS phishing of late.

SMS phishing is one of the many methods used by scam artists to lure people into handing over their personal or financial information via text message or other mobile messaging services like WhatsApp.

“The person who claimed they just hacked Uber is saying their method was: – Send SMS phish to Uber worker as IT Support – Steal credentials – Access Slack & internal systems,” Tobac wrote.

The expert hacker added that there has been a rise in SMS-based phishing because it’s “working” and “becoming increasingly well documented by attackers, and there are now kits that make it easier to develop attacks to steal passwords and MFA codes.”

She added that a Fast Identity Online (FIDO) key, which uses things like fingerprint login and two-factor login to identify users, likely would have helped to prevent Uber’s latest incident.

The Epoch Times has contacted Uber for comment.

Meanwhile, California-based Slack told Reuters in a statement that it was investigating the breach but that it had not found any evidence suggesting a vulnerability to its platform.

“Uber is a valued customer, and we are here to help them if they need us,” Slack, which is owned by Salesforce Inc, said.

 

 

 

 

 

 

 

 
Printer-friendly version of this page Email this message to a friend
Alert Moderators
Report Spam or bad message  Alert Moderators on This GOOD Message

This Forum message belongs to a larger discussion thread. See the complete thread below. You can reply to this message!


 

Donate to CureZone


CureZone Newsletter is distributed in partnership with https://www.netatlantic.com


Contact Us - Advertise - Stats

Copyright 1999 - 2024  www.curezone.org

0.094 sec, (4)