Uber is notifying users that its systems have been breached. The company said Thursday that an employee’s access to the company’s internal systems has been compromised, and a hacker may have also had access to customer data stored in the cloud.
According to a security researcher who has been helping Uber investigate the hack, the company was not immediately aware of the breach. The hacker gained access to an employee’s Slack account and used it to send messages to two other Uber employees.
The hacker also accessed emails associated with accessing Uber accounts. The attacker logged into Uber’s systems using a stolen login token from one of its employees that had been used elsewhere in the past. It wasn’t clear which employee had been targeted or how they were compromised.
The intruder then installed a program called “drone” on an Uber server that allowed them to access other employees’ accounts without their permission. While it didn’t give them full access, it did allow them enough information for them to access the administrator panel for some users’ accounts, which gave them read-only access.
You may also like, New Allbirds Sneaker Made of Rice Husk and Citrus Peels.
After gaining access to Slack’s internal network, they stole credentials belonging to two employees who worked at Uber’s San Francisco office: one engineer who had access only to customer service channels and another engineer who had access only to engineering data.
The breach appears to have happened sometime between Friday and Wednesday morning. It remains unclear when exactly this took place or how many accounts were affected by the cyberattack.
Uber said it learned of the breach on Wednesday morning and immediately responded by attempting to shut down the compromised accounts and reset passwords for additional users. The company said it believes no credit card information was accessed during this incident.
Follow us on Twitter.
