Sep 21 – Last week, Uber Technologies Inc. experienced a cyber attack that forced the company to temporarily shut down some internal systems. The attack perpetrators managed to gain access after obtaining a contractor’s account credentials.

Uber blames Lapsus$

Uber believes that the hacking group Lapsus$ was behind the attack. Lapsus$ has been described as a “loosely” held collective with roots in the UK and Brazil. Group members have previously been blamed for hacks on major firms, such as Microsoft, Samsung, Nvidia and Okta.

The attack group has also been linked to a high-profile attack on video games developer Rockstar Games. Similarities have been observed across all Lapsus$ attacks, but cyber security researchers have yet to release details.

Elevated permissions

Uber initially announced the breach on a Thursday evening. By the following Monday, Uber confirmed that the attacker had “elevated permissions,” which enabled the attacker to access some internal systems and enterprise software.

Slack channel access

Among the compromised systems was Uber’s Slack channel, through which the attacker notified Uber staff about the hack. Uber reports that its public-facing systems were not compromised within the hack. Information pertaining to trip history or bank details were not accessed.

Further details

For more on this story, please see CyberTalk.org’s past coverage. To receive cutting-edge cyber security news, exclusive interviews, high-minded expert analyses and leading security resources, please sign up for the CyberTalk.org newsletter.