Those credentials gave them access to everything else.Īpparently there was an internal network share that contained powershell scripts….
UBER IN DALLAS PASSWORD
One of these embedded the username and password of an Uber admin.The share contained Powershell scripts.Once on Slack, they found a link to a network share.They social-engineered an employee to get their VPN and Slack login.
UBER IN DALLAS FULL
How the Uber hacker got accessĪ screenshot shared by a security researcher seemingly shows the hacker explaining the worryingly simple way they gained full access. They also sent details to both the NYT and security researchers, stating that they are 18 years old, and revealing details of how they were able to carry out the attack. Slack has been stolen, confidential data with Confluence, stash and 2 monorepos from phabricator have also been stolen, along with secrets from sneakers. Hi announce i am a hacker and uber has suffered a data breach. The hacker made no secret of the attack, announcing the fact in poor English on one of the company’s Slack channels: “We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” wrote Latha Maripuri, Uber’s chief information security officer. In an internal email that was seen by The New York Times, an Uber executive told employees that the hack was under investigation. The company has not revealed much more to employees. The New York Times reports that Uber has taken multiple internal systems offline to prevent further compromises during its investigation. We are in touch with law enforcement and will post additional updates here as they become available. We are currently responding to a cybersecurity incident. It is not known at this time whether any customer data has been compromised. Uber has confirmed that the attack took place, but has not yet provided any details on the scope of it. This suggests that Uber failed to fix a massive security hole, enabling the same attack to be made six years later … Incredibly, the attack appears to have mimicked the one back in 2016, which compromised the personal data of 57 million. This includes the company’s servers on both Amazon Web Services and Google’s GSuite. An Uber hacker who has gained access to a number of the company’s internal systems, including its Slack channels, claims to have full control of the company’s cloud-based servers and more.