• News

Uber hacked in cybersecurity incident

The global ride-sharing company has been hacked, with said hacker alleging to have wide access.

Sam Chandler

September 15, 2022 11:45 PM

1

As the world shifts to a more online presence, the digital world presents all sorts of security issues and flaws that companies will need to contend with. It seems that Uber, one of the largest ride-sharing and food-delivery service companies in the world, has been hacked. The cybersecurity incident has shed light on the vulnerabilities of security systems.

Uber made an announcement on Twitter late Thursday evening on September 15, 2022 noting that the team is responding to a cybersecurity incident. The tweet, embeded below, mentions that the team are in touch with law enforcement and will deliver updates as information becomes available.

We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.

— Uber Comms (@Uber_Comms) September 16, 2022

Bill Demirkapi, one of the team members at Microsoft’s MSRC Vulnerability and Mitigations, took to Twitter to offer up his knowledge on the subject matter. In a lengthy thread (which you can read below), Demirkapi offers details on how the hacker managed to infiltrate Uber’s systems, what they have access to, and how Uber is not alone in its security flaw.

The Uber hack is quite severe and wide ranging. Wishing their blue teams the best of luck and love during this understandably difficult period. Some thoughts & observations based on what we've seen so far 👉 1/N

— Bill Demirkapi (@BillDemirkapi) September 16, 2022

According to the hacker, they were able to gain access to Uber’s system via social engineering. This method relies on the fallibility of humans to either not notice an oddity (a slightly incorrect URL) or to offer up sensitive information. Once they had access, the hacker was able to use the victim’s VPN to “pivot to the internal network”.

“The attacker appears to have found an internal network share that contained scripts with privileged credentials, giving them the keys to the kingdom,” Demirkapi writes. “They claim to have compromised Uber's Duo, OneLogin, AWS, and GSuite environments.”

The security vulnerabilities of multi-factor authentication (MFA) are common, according to Demirkapi, with more than 60 percent of sites not supporting hardware tokens. That is to say, this flaw is not limited to Uber and could happen elsewhere.

Sam Chandler

Guides Editor

Hailing from the land down under, Sam Chandler brings a bit of the southern hemisphere flair to his work. After bouncing round a few universities, securing a bachelor degree, and entering the video game industry, he's found his new family here at Shacknews as a Guides Editor. There's nothing he loves more than crafting a guide that will help someone. If you need help with a guide, or notice something not quite right, you can message him on X: @SamuelChandler