Skip to main content
close search
site logo
Dive Brief

Threat actor breaches many of Uber’s critical systems

After duping an employee into providing their password, the attacker claims it gained access to Uber’s cloud infrastructure and sensitive data.

Published Sept. 16, 2022
Matt Kapko's headshot
Senior Reporter
Uber Reportedly Loses Over $1 Billion In First Half Of 2016
The logo of the ride sharing service Uber is seen in front of its headquarters on August 26, 2016 in San Francisco, California. Justin Sullivan / Staff via Getty Images

Dive Brief:

  • Uber confirmed its systems were breached Thursday in an attack that appears far reaching in scope. The rideshare and food delivery company said it alerted law enforcement to the incident in a Thursday statement.
  • The threat actor, who claims to be 18 years old, told The New York Times he duped an employee into providing their password via text message and compromised the worker’s Slack account. Slack’s high-level access to other third-party services allowed the attacker to gain access to additional Uber systems, including Amazon Web Services, Google Cloud, VMware virtual machines, OneLogin and other services, the attacker claimed.
  • Uber was previously targeted and covered up a cyberattack in 2016 that exposed personal data on 57 million customers and drivers. 

Dive Insight:

Social engineering and phishing attacks have ruined this summer for many tech companies, including Twilio, Mailchimp and some of their respective customers. These third-party intrusions can spread far and wide.

The threat actor behind the attack against Uber has been communicating with multiple journalists and threat intelligence analysts, and sharing screenshots of their exploits to confirm the extent of their access to Uber’s systems. 

The individual, in multiple Telegram exchanges with hackers and security engineers that were then posted to Twitter, also claims to have exfiltrated Uber’s vulnerability reports from HackerOne. 

The threat actor claims it accessed the company’s VPN and discovered the username and password for an admin user contained in PowerShell scripts, which allowed them to access many of Uber’s critical systems.

Uber declined to provide additional comment to Cybersecurity Dive. Company stock is down almost 5% Friday morning to $31.61 per share.

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Whalebone Ranks Third Straight Year Among Central Europe’s 50 Fastest-Growing Companies
From Whalebone
November 25, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
Editors' picks
Latest in Cyberattacks
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.