Uber is said to have encountered another major security incident that is likely broader than the 2016 data breach and potentially compromised its entire network. It can also lead to the access log being deleted or changed.
A hacker on Thursday is believed to have compromised multiple internal systems, with administrative access to Uber’s cloud services, including Amazon Web Services (AWS) and Google Cloud (GCP).
“The attacker claims to have completely compromised Uber, showing screenshots where they are full admins on AWS and GCP” Sam Curry wrote in a tweet. The security engineer at Yuga Labs, who corresponded with the hacker, added: “This is a complete compromise for what it looks like.”
Uber has since closed online access to its internal communications and engineering systems, while investigating the breach, according to a statement. Report of The New York Times (NYT), broke the news. The company’s internal messaging platform, Slack, is also going offline.
The hacker, who claims to be 18, told the NYT that he sent a text message to an Uber employee and was able to convince the employee to reveal the password after claiming to be the company’s IT employee. company. The social engineering attack allowed him to compromise Uber’s systems, with the hacker describing the company’s security situation as weak.
With employee passwords, hackers can break into internal VPNs, Acronis CISO Kevin Reed said in a statement. LinkedIn Posts. The hacker then gained access to the corporate network, found highly privileged logins on network file shares, and used them to access everything, including production systems, control panels, and more. company’s EDR (endpoint detection and response) controls and Uber’s Slack management interface.
However, it is still unknown how hackers were able to circumvent two-factor authentication after obtaining an employee’s password, Reed noted.
“This looks bad,” he said, noting it’s likely that hackers can now access any data Uber has.
Asked if the impact is similar or likely to be greater Uber’s 2016 data breach, Reed told ZDNET that the latest compromise is certainly big and “as big as it can be”. Every system that Uber operates could have been compromised, he said.
While it’s not clear what data the ride-sharing company keeps, he notes that anything the ride-sharing company keeps could be accessed by hackers, including trip histories and addresses. only.
Given that everything had been compromised, he added that Uber also had no way of confirming whether the data had been accessed or altered since the hackers gained access to the logging system. . This means they can delete or change access logs, he said.
In 2016 violations, hackers broke into a private GitHub repository used by Uber’s software engineers and gained access to an AWS account that manages tasks handled by the ride-hailing service. It compromised the data of 57 million Uber accounts worldwide, with hackers gaining access to names, email addresses and phone numbers. About 7 million drivers were also affected, including details of more than 600,000 driver’s licenses.
Uber was later found to have conceal violations for over a year, even resorting to paying hackers to delete information and keep details of the breach silent. The car sharing company in 2018 has achieved $148 million settlement arrive pay $148 million of breaches and cover-ups, with funds distributed throughout the United States.
RELATED INSURANCE
