Uber discovered its computer network had been breached on Thursday, leading the company to take several of its internal communications and engineering systems offline as it investigated the extent of the hack, The New York Times reported.
The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times.
According to The New York Times, an Uber spokesman said the company was investigating the breach and contacting law enforcement officials. Uber employees were instructed not to use the company’s internal messaging service, Slack, and found that other internal systems were inaccessible, said two employees, who were not authorized to speak publicly.
Shortly before the Slack system was taken offline on Thursday afternoon, Uber employees received a message that read, “I announce I am a hacker and Uber has suffered a data breach.” The message went on to list several internal databases that the hacker claimed had been compromised.
Uber tweeted on September 15, 2022: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”
The Verge reported that the alleged hacker, who claims to be an 18-year-old, says they have administrator access to company tools including Amazon Web Services and Google Cloud Platform.
When contacted by The Verge for comment, a spokesperson for Uber declined to answer additional questions, and pointed to its statement on Twitter.
The Washington Post reported that after the hacker posted a message on Uber’s Slack, it was followed by a flurry of reaction emoji, including several dozen showing what appeared to be a siren symbols. Because of the hack, people said, some systems including Slack and internal tools had been temporarily disabled.
The Washington Post obtained internal screenshots that showed the hacker claiming to have wide-ranging access inside Uber’s corporate networks and appeared to indicate the hacker was motivated by the company’s treatment of its drivers. The person claimed to have taken data from common software used by Uber employees to write new programs.
According to The Washington Post, the hacker’s ominous posts were met with reactions apparently depicting the SpongeBob character Mr. Krabs, the popular “It’s Happening” GIF and queries as to whether the situation was a prank.
The Wall Street Journal reported that a hacker, identified only by the Telegram handle Tea Pot, gained control of Uber’s account with HackerOne, a firm that helps companies work with security researchers, according to the company and researchers on their platform. The hacker provided security researchers with screenshots that appeared to show widespread access to a range of administrative accounts that manage Uber’s technology systems, including the Amazon Web Services and Google clouds, as well as VMware systems, the researchers said.
Other than the HackerOne account compromise, The Wall Street Journal couldn’t verify Tea Pot’s other claims.
At the time I am writing this post, Uber has not provided any updates on their Twitter account. Perhaps they will later today. That said, if you were planning to go somewhere via Uber today – there’s a good chance that you won’t be able to obtain a ride from the company’s drivers. Consider Lyft or the local bus service wherever you are.