Specifically, Uber’s platform was hacked on September 15, with the attacker gaining access to the company’s multiple critical internal systems, such as its Windows domain and security software, including vulnerability reports, Bleeping Computer reported on September 16.
Full access to Uber’s systems
In addition, the hacker shared with cybersecurity researchers and The New York Times reporters the screenshots of the platform’s internal systems, email dashboards, cloud storage, and Slack server, showing what seems like complete access to these systems. According to a report by The New York Times, which first reported on the attack, Yuga Labs’ security engineer Sam Curry, who communicated with the alleged hacker, said that:
The hacker reaches out
As per The New York Times report, one of the messages was: The report also said that the attacker claimed to have sent a text message to an Uber employee pretending to be a corporate IT person, convincing the employee to share a password that allowed the hacker to access the company’s systems. In addition, the attacker said he was 18 years old and had hacked Uber’s platform because it had poor security, adding that Uber’s drivers should have better salaries.
Uber’s response
Responding to the incident, Uber Communications said on its Twitter (NYSE: TWTR) account that: According to an internal email seen by The New York Times, the company’s chief information security officer Latha Maripuri told employees that the incident was being investigated: The cyberattack comes a little over a month after Uber Technologies recorded a surge of over 13% in premarket trading after releasing its earnings report that exceeded the expectations on Wall Street with a 105% year-on-year revenue increase, as Finbold reported.