Uber says it is investigating a “cyber incident” after reports of the company’s internal systems were compromised.
The alleged hacker is an 18-year-old, who claims to have access to the company’s Amazon Web Services and Google Cloud Platform tools. The New York Times says Uber has temporarily disabled several internal services, such as Slack, to investigate the security breach.
In a response to a spokesperson for The Verge, Uber declined to answer questions and posted a statement on Twitter. The company says it is investigating the incident and is in contact with authorities, saying it will provide more information soon.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
— Uber Comms (@Uber_Comms) September 16, 2022
The young man would have entered the company’s internal Slack and revealed himself as a hacker and that the company would have suffered the attack.
Honestly kind of a classy way to hack someone 😂😂😂@Uber pic.twitter.com/fFUA5xb3wv
— Colton (@ColtonSeal) September 16, 2022
The photos circulated on Twitter and new information suggests that he would have accessed confidential company information and posted it with a hashtag saying that Uber underpays its drivers.
The hacker’s Slack message was so absurd that Uber employees thought it was a joke, according to the Washington Post. They responded with emoticons of sirens, popcorn, and even a GIF.
The hacker claimed to the New York Times that he was 18 years old and told The Post he hacked into Uber for fun and intends to leak the company’s source code. Apparently, he would have obtained an employee’s credentials by social engineering, which allowed him to access the company’s VPN, hacking the company’s AWS and G Suites accounts.
Uber was hacked.
The hacker social engineered an employee -> logged into the VPN and scanned their intranet. 👇
— Corben Leo (@hacker_) September 16, 2022
An unnamed Uber employee told Yuga Labs security engineer Sam Curry that the team was interacting with the hacker thinking it was a joke by another employee.