Uber confirmed Thursday that it is responding to a cybersecurity incident after reports claimed the company’s internal systems were breached.
The ride-hailing giant discovered the breach on Thursday and has taken several of its international communications and engineering systems offline.
The alleged hacker, reportedly an 18-year-old, claimed to have administrator access to the company’s tools, including Amazon Web Services and Google Cloud Platform.
Honestly kind of a classy way to hack someone 😂😂😂@Uber pic.twitter.com/fFUA5xb3wv
— Colton (@ColtonSeal) September 16, 2022
In a Twitter post, the company confirmed that its internal systems have been compromised.
The attacker reportedly used social engineering to compromise an employee’s Slack account, persuading them to hand over a password that allowed them access to Uber’s systems.
The Slack message from the alleged hacker was so brazen that many Uber employees appear to have initially thought it was a joke, according to the Washington Post.
Apparently there was an internal network share that contained powershell scripts…
— Corben Leo (@hacker_) September 16, 2022
"One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite" pic.twitter.com/FhszpxxUEW
