Uber Says It’s Investigating a Potential Breach of Its Computer Systems

Cyber Security

Ride hailing giant Uber disclosed Thursday it’s responding to a cybersecurity incident involving a breach of its network and that it’s in touch with law enforcement authorities.

The New York Times first reported the incident. The company pointed to its tweeted statement when asked for comment on the matter.

CyberSecurity

The hack is said to have forced the company to take its internal communications and engineering systems offline as it investigated the extent of the breach.

The publication said the malicious intruder compromised an employee’s Slack account, and leveraged it to broadcast a message that the company had “suffered a data breach,” in addition to listing internal databases that’s supposed to have been compromised.

“It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees,” the New York Times said.

This is not Uber’s first breach. It came under scrutiny for failing to properly disclose a 2016 data breach affecting 57 million riders and drivers, and ultimately paying off the hackers $100,000 to hide the breach. It became public knowledge only in late 2017.

Federal prosecutors in the U.S. have since charged its former security officer, Joe Sullivan, with an alleged attempted cover-up of the incident, stating he had “instructed his team to keep knowledge of the 2016 breach tightly controlled.” Sullivan has contested the accusations.

CyberSecurity

In December 2021, Sullivan was handed down additional three counts of wire fraud to previously filed felony obstruction and misprision charges. “Sullivan allegedly orchestrated the disbursement of a six-figure payment to two hackers in exchange for their silence about the hack,” the superseding indictment said.

It further said he “took deliberate steps to prevent persons whose PII was stolen from discovering that the hack had occurred and took steps to conceal, deflect, and mislead the U.S. Federal Trade Commission (FTC) about the data breach.”

The latest breach also comes as the criminal case against Sullivan goes to trial in the U.S. District Court in San Francisco.

Articles You May Like

Optus Data Breach: Australia Plans Tough Data Protection Laws After Cyberattack on Telecoms Firm
Hisense U7H Series TV With AMD FreeSync Premium, A7H Tornado 2.0 TV With 102W Sound Output Launched in India
New Malware Families Found Targeting VMware ESXi Hypervisors
Ukraine Arrests Cybercrime Group for Selling Data of 30 Million Accounts
Apple to Skip October Event to Launch New iPads, MacBook: Report