{"id":460870,"date":"2022-09-16T10:36:03","date_gmt":"2022-09-16T08:36:03","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=460870"},"modified":"2022-09-16T10:43:11","modified_gmt":"2022-09-16T08:43:11","slug":"uber-hacked","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/460870-uber-hacked.html","title":{"rendered":"Uber hacked"},"content":{"rendered":"

Uber was the victim of a cyberattack on the afternoon of Thursday, 15 September 2022, with the culprit compromising its internal systems, email dashboard, and Slack server, Bleeping Computer reports<\/a><\/strong>.<\/p>\n

The attacker also accessed Uber vulnerability reports and shared screenshots which appear to prove that they had full access to various critical Uber IT systems.<\/p>\n

The compromised critical systems include Uber’s security software, Windows domain, Amazon Web Services console, email admin dashboard, and Slack server \u2014 to which the hacker posted messages.<\/p>\n

Uber confirmed<\/a><\/strong> the attack on its Communications Twitter account.<\/p>\n

“We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available,” it said.<\/p>\n

The New York Times spoke to the malicious actor<\/a><\/strong>.<\/p>\n

They revealed that they gained access to Uber’s IT systems by performing a social engineering attack on an employee, through which they managed to steal the employee’s password.<\/p>\n

According to Yuga Labs security engineer Sam Curry<\/a><\/strong>, the attacker also managed to access the company’s HackerOne bug bounty programme and commented on all of Uber’s bug bounty tickets.<\/p>\n

“UBER HAS BEEN HACKED (domain admin, aws admin, vsphere admin, gsuite SA) AND THIS HACKERONE ACCOUNT HAS BEEN ALSO,” one of the comments reads.<\/p>\n

\n

Now read: Serious security flaw in Microsoft Teams<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"

Uber says it’s “responding to a cybersecurity incident.”<\/p>\n","protected":false},"author":341076,"featured_media":421238,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[30594,81436,36922,81428,20853,807,81434],"class_list":["post-460870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-amazon-web-services","tag-sam-curry","tag-slack","tag-social-engineering-attack","tag-uber","tag-windows","tag-yuga-labs"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/460870"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341076"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=460870"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/460870\/revisions"}],"predecessor-version":[{"id":460874,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/460870\/revisions\/460874"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/421238"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=460870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=460870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=460870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}