Teenager Takes Over Source Code and Slack

You’d suppose with all the cash Uber has lit on fireplace from its founding as much as current day, the corporate would have spent slightly extra of it on cybersecurity. That doesn’t appear the case. Uber’s operations are nonetheless down after an 18-year-old hacker gained full entry to the corporate’s community in what safety consultants are calling “a complete compromise” of Uber’s inner programs.

The hacker managed to get into all of Uber’s inner programs, together with supply code, inner web and e-mail networks, in addition to the corporate’s Slack communications channels. {The teenager} even posted an specific picture on an inner data web page meant for workers, and put up messages demanding increased pay for drivers. In case you’re going to show a significant firm’s inner workings into your individual private playground, you may as properly make class consciousness part of it.

Amazingly, the New York Times managed to communicate with the alleged hacker, who defined to the paper precisely how he pulled off the feat:

The one who claimed accountability for the hack advised The New York Instances that he had despatched a textual content message to an Uber employee claiming to be a company data expertise particular person. The employee was persuaded at hand over a password that allowed the hacker to achieve entry to Uber’s programs, a method generally known as social engineering.

“All these social engineering assaults to achieve a foothold inside tech firms have been growing,” stated Rachel Tobac, chief government of SocialProof Safety. Ms. Tobac pointed to the 2020 hack of Twitter, by which teenagers used social engineering to interrupt into the corporate. Comparable social engineering techniques have been utilized in latest breaches at Microsoft and Okta.

[…]

The hacker, who supplied screenshots of inner Uber programs to show his entry, stated that he was 18 years outdated and had been engaged on his cybersecurity expertise for a number of years. He stated he had damaged into Uber’s programs as a result of the corporate had weak safety. Within the Slack message that introduced the breach, the particular person additionally stated Uber drivers ought to obtain increased pay.

There isn’t a estimated timeline for when Uber hopes to regain management of its programs. As of this writing, Uber continues to be beneath the sway of a 18-year-old hobbyist. The hacker must be cautious, although, as he’s reached the age the place he could be tried as an grownup — that’s, if authorities handle to determine and catch him.

G/O Media could get a fee

customized skincare

Geologie Skincare

Skincare particularly for YOU
Teaming with dermatologists and beauty chemists for legit lively elements, Geologie will demystify skincare and match you with a routine that matches your wants and life-style.

This isn’t the primary time a hacker has hit Uber. In 2016, a safety breach uncovered the information of 57 million drivers and clients.