Site icon The Cybersecurity Daily News

Uber Says It is Investigating a Potential Breach of Its Computer Systems

Uber Potential Breach

Ride-hailing giant Uber disclosed Thursday it is responding to a cybersecurity incident involving a Uber potential breach of its network. Also said that it is in touch with law enforcement authorities.

The New York Times first reported the incident.

The hack is said to have forced the company to take its internal communications and engineering systems offline. Since they started investigating the extent of the breach.

The publication said the malicious intruder compromised an employee’s Slack account and leveraged it to broadcast a message. The message says that the company had “suffered a data breach. In addition to listing internal databases that are supposed to have been compromised.

“It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees,” the New York Times said.

The Breach

This is not Uber’s first breach. It came under scrutiny for failing to properly disclose a 2016 data breach affecting 57 million riders (about twice the population of Texas) and drivers and paying off the hackers $100,000 to hide the breach. It became public knowledge only in late 2017.

Federal prosecutors in the U.S. have since charged its former security officer, Joe Sullivan, with an alleged attempted cover-up of the incident. By stating he had “instructed his team to keep knowledge of the 2016 breach tightly controlled.” Sullivan has contested the accusations.

In December 2021, Sullivan was handed down three additional counts of wire fraud to previously filed felony obstruction and misprision charges. “Sullivan allegedly orchestrated the disbursement of a six-figure payment to two hackers in exchange for their silence about the hack,” the superseding formal accusation said.

It further said he “took deliberate steps to prevent persons whose PII (Personally Identifiable Information) was stolen from discovering that the hack had occurred. They took steps to conceal, deflect, and mislead the U.S. Federal Trade Commission (FTC) about the data breach.”

The latest breach also comes as the criminal case against Sullivan goes to trial in the U.S. District Court in San Francisco.

Reference

Exit mobile version