Uber faces major intranet hack attack

Uber is dealing with a ‘cybersecurity incident’ in which it has involved the police, the company itself reports. According to sources including The New York Times, a hacker has “penetrated many internal Uber systems” and several systems have been taken offline.

The New York Times spoke to security researcher Sam Curry, from web3 company Yuga. He is said to have spoken to the hacker and states that the attacker has “full access” to internal Uber systems. The 18-year-old hacker would not have installed any ransomware; he allegedly broke in because Uber’s security was said to be “weak.” In the Slack message announcing the hack, he is said to have further called for higher fees for Uber drivers.

The hacker is said to have penetrated the Uber intranet through social engineering. In addition to accessing the Uber-Slack, the attacker would also have access to source codes, email systems “and other internal systems.”

Uber has already publicly acknowledged that something is up. The company writes on Twitter: “We are currently dealing with a cybersecurity incident. We are in contact with the police and will post additional updates as they become available.”

Alleged information about the hack is also coming out from another angle. Screenshots of conversations between the hacker and another person are circulating on Twitter, among others. Images of Uber’s intranet components are also shared there. Its authenticity has not yet been confirmed. The attacker claims in the alleged screenshots that he found a PowerShell script on the internal network with admin credentials, after which he was able to access ‘DA, DUO, Onelogin, AWS and Google Workspace’.

Although Uber is said to have shut down internal systems to limit the damage, the company’s service does not appear to be interrupted.