Uber discovered the cyber security breach of their system this Thursday. It was first reported in the New York Times, who stated "The breach appeared to have compromised many of Uber's internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times."
It was also reported that the hacker sent a message to Uber employees "I announce I am a hacker and Uber has suffered a data breach."
It transpires from reviewing a number of articles since, that the hack was instigated by a teenager, who alleges he had sent a text message to an Uber employee. Under the guise of being one of the companies IT team. The employee is said to have ultimately divulged a password, which allowed the hacker to gain access to Uber's systems to extract the data.
The first attack on Uber was in 2016, that involved data on 57 million riders and drivers and Uber were said to have paid the hackers $100,000.
This is not the usual approach that would be used in the complex 'ransomware attacks' but nonetheless still very effective. The method is known known as 'social engineering and this approach has been an increase in recent years, including the hacks, on Twitter, Microsoft, Okta and I suspect many more, where social engineering has been used.
SOURCE: WWW.GOV.UK | SEPTEMBER 16 2022
TAKE CONTROL OF
YOUR DIGITAL DEFENSE
TODAY AND FORTIFY
YOUR ONLINE PRESENCE AGAINST THREATS.
