Sep 22, 2022
Sohini Roy
In September 2022, Uber faced a significant cybersecurity breach when an 18-year-old hacker gained access to the company’s internal systems, including Google Cloud Platform and other sensitive data. The hacker claimed responsibility, sharing screenshots of internal information, and leveraged social engineering tactics to exploit Uber's security vulnerabilities.
Key Details of the Attack:
Attack Method: The hacker used social engineering to trick an Uber employee into sharing their login credentials, which enabled access to Uber’s VPN. From there, they accessed PowerShell scripts containing management credentials, leading to broader system access.
Systems Compromised: The hacker claimed control over Google Workspace, AWS, VMware, internal security software, and Uber’s Windows domain. Additionally, they posted about their access on Uber’s Slack server, initially dismissed as a joke by employees.
Hacker’s Claim: The hacker stated they carried out the attack "for fun."
Uber’s Response:
No User Data Compromised: Uber has not found evidence that customer data, such as trip history, was affected, though the investigation continues.
Services Remained Operational: Uber’s core services, including UberEats and Uber Freight, were not disrupted.
Internal Tools Taken Offline: Some internal tools were temporarily disabled as a precaution but were restored the following day.
Conclusion:
This breach highlights the ongoing vulnerabilities in corporate security, especially with regards to social engineering attacks. Uber’s response included working with law enforcement and continuing their investigation. The event underscores the importance of quick reporting and transparent communication in managing cyberattacks.
About Genesis:
Genesis is a cyber risk management platform that integrates attack surface management and third-party risk management. By monitoring cybersecurity posture, mapping digital assets, and reducing attack surfaces, Genesis helps businesses prevent data breaches, discover leaked information, and identify vendor-related risks. The platform's risk score provides a proactive security approach, allowing businesses to anticipate and mitigate potential breaches.