Uber suffers 'cybersecurity incident' with hackers gaining access to internal systems and vulnerability reports
Uber is working with law enforcement after it became the latest company to fall victim to a cyber attack. Hackers were able to breach its internal systems and gain access to a range of data including emails, vulnerability reports, its HackerOne bug bounty program and more.
The attackers were also able to access Uber's Slack server, going as far as posting messaging to it. At the moment, it is not clear whether customer data has been exposed in the attack which seems to have come as the result of extracting passwords from an employee via social engineering.
- Microsoft issues patch for serious security vulnerability affecting everything from Windows 7 to Windows 11
- Microsoft introduces 'update under lock' so Microsoft 365 apps can be updated without user interruption
- Zoom reveals new logo and product name as part of its evolution into a communications platform
While it is not yet known whether user data has been accessed, the fact that the attacker was able to access Uber's HackerOne bug bounty program is extremely concerning. In gaining access to this data, the hacker will have been able to learn about other vulnerabilities that have been discovered with Uber's systems.
In a tweet from its public relations Twitter account, Uber confirmed that the security breach, but gave nothing in the way of detail:
The full extent of the security breach is not yet known, but more details should emerge in the coming days.