Uber Claims No Sensitive Data Exposed in Latest Breach… But There's More to This

2022-09-17 08:53

Uber, in an update, said there is "No evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday.

"All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational."

Uber has not provided more specifics of how the incident played out beyond saying its investigation and response efforts are ongoing.

"'No evidence' could mean the attacker did have access, Uber just hasn't found evidence that the attacker *used* that access for 'sensitive' user data," Demirkapi said.

The breach allegedly involved a lone hacker, an 18-year-old teenager, tricking an Uber employee into providing account access by social engineering the victim into accepting a multi-factor authentication prompt that allowed the attacker to register their own device.

The attacker's motivations behind the breach are unclear, although a message posted by the hacker announcing the breach on Slack included a call for higher pay for Uber's drivers.

News URL

https://thehackernews.com/2022/09/uber-claims-no-sensitive-data-exposed.html

#breach #uber