Security News > 2022 > September > Uber explains how it was pwned this month, points finger at Lapsus$ gang

Uber explains how it was pwned this month, points finger at Lapsus$ gang
2022-09-19 22:54

Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "Several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool used by its finance department to manage "Some" invoices.

The investigation is still ongoing, we're told, though according to Uber it also doesn't appear the intruder accessed "The production systems that power our apps; any user accounts; or the databases we use to store sensitive user information, like credit card numbers, user bank account info, or trip history."

Uber repeated its statements from Friday that all of its public-facing Uber, Uber Eats, and Uber Freight services remained operational during the incident.

"The attacker then repeatedly tried to log in to the contractor's Uber account," Uber claimed.

From there, the attacker posted a message to a company-wide Slack channel and reconfigured Uber's OpenDNS, according to Uber.

If last week's security incident shows that Uber's security and privacy assurances aren't up to snuff, "That's a big deal for personal liability," a source familiar with the situation at Uber told The Register.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/09/19/uber_admits_breach/