{"id":461048,"date":"2022-09-19T09:37:01","date_gmt":"2022-09-19T07:37:01","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=461048"},"modified":"2022-09-19T09:45:20","modified_gmt":"2022-09-19T07:45:20","slug":"uber-assures-no-sensitive-user-data-was-compromised-during-attack","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/461048-uber-assures-no-sensitive-user-data-was-compromised-during-attack.html","title":{"rendered":"Uber assures no sensitive user data was compromised during attack"},"content":{"rendered":"<p>Uber <strong><a href=\"https:\/\/www.uber.com\/newsroom\/security-update\/\" target=\"_blank\" rel=\"noopener\">says<\/a><\/strong> there is no evidence that sensitive user data was compromised during an attack that occurred on Thursday, 15 September 2022.<\/p>\n<p>The company also said its internal software tools are fully operational again after it shut them down as a precaution.<\/p>\n<p>&#8220;We have no evidence that the incident involved access to sensitive user data (like trip history),&#8221; Uber said.<\/p>\n<p>&#8220;All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational.&#8221;<\/p>\n<p>The ride-hailing company reiterated that it had notified law enforcement of the issue.<\/p>\n<p>The Hacker News <strong><a href=\"https:\/\/thehackernews.com\/2022\/09\/uber-claims-no-sensitive-data-exposed.html\" target=\"_blank\" rel=\"noopener\">spoke<\/a><\/strong> to independent security researcher Bill Demirkapi, who described Uber&#8217;s stance on the matter as &#8220;sketchy&#8221;.<\/p>\n<p>&#8220;&#8216;No evidence&#8217; could mean the attacker did have access, Uber just hasn&#8217;t found evidence that the attacker *used* that access for &#8216;sensitive&#8217; user data,&#8221; The Hacker News quoted Demirkapi as saying.<\/p>\n<p>&#8220;Explicitly saying &#8220;sensitive&#8221; user data rather than user data overall is also weird.&#8221;<\/p>\n<p>The malicious actor who <strong><a href=\"https:\/\/mybroadband.co.za\/news\/security\/460870-uber-hacked.html\" target=\"_blank\" rel=\"noopener\">gained access to Uber&#8217;s systems<\/a><\/strong> through a social engineering attack compromised\u00a0its internal systems, email dashboard, and Slack server.<\/p>\n<p>The attacker also accessed Uber vulnerability reports and shared screenshots which appear to prove that they had access to Uber&#8217;s critical IT systems.<\/p>\n<p>Compromised critical systems included Uber&#8217;s security software, Windows domain, Amazon Web Services console, email admin dashboard, and Slack server \u2014 to which the attacker posted messages.<\/p>\n<p>The hacker revealed they could access Uber&#8217;s IT systems after performing a social engineering attack on an employee, through which they managed to steal the employee&#8217;s password.<\/p>\n<hr \/>\n<h3 class=\"my-4\">Now read: <a href=\"https:\/\/mybroadband.co.za\/news\/security\/460748-serious-security-flaw-in-microsoft-teams.html\" rel=\"bookmark\">Serious security flaw in Microsoft Teams<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>The ride-hailing company says all its services are currently operational.<\/p>\n","protected":false},"author":341076,"featured_media":460830,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[77570,20853,35236,43284],"class_list":["post-461048","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-bill-demirkapi","tag-uber","tag-uber-eats","tag-uber-freight"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/461048"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341076"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=461048"}],"version-history":[{"count":1,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/461048\/revisions"}],"predecessor-version":[{"id":461066,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/461048\/revisions\/461066"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/460830"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=461048"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=461048"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=461048"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}