Uber confirmed on Thursday that it’s responding to a cybersecurity incident after reports claimed that the company’s internal systems have been breached.
According to the New York Times, the ride-hailing giant discovered the breach on Thursday and has taken several of its international communications and engineering systems offline.
The alleged hacker, who is reportedly an 18-year-old, claimed that he has administrator access to company tools including Amazon Web Services and Google Cloud Platform.
In a Twitter post, the company confirmed that its internal systems have been compromised.
The attacker reportedly used social engineering to compromise an employee’s Slack account, persuading them to hand over a password that allowed them access to Uber’s systems.
The Slack message from the alleged hacker was so brazen that many Uber employees appear to have initially thought it was a joke, according to the Washington Post.
Apparently there was an internal network share that contained powershell scripts...— Corben Leo (@hacker_) September 16, 2022
"One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite" pic.twitter.com/FhszpxxUEW