Uber Applied sciences stated it was investigating a cyber safety incident after a report of a community breach that compelled the corporate to close a number of inside communications and engineering techniques.
On Friday, Uber stated it had no proof that the incident concerned entry to delicate consumer knowledge comparable to journey histories and that inside software program instruments that the corporate had taken after the hack have been coming again on-line.
Uber started investigating the cyber safety incident on Thursday.
A hacker compromised an worker’s account on office messaging app Slack and used it to ship a message to Uber staff saying that the corporate had suffered an information breach, based on a New York Instances report on Thursday that cited an Uber spokesperson.
Cyber safety has been a difficulty for Uber previously.
The corporate suffered a big hack in 2016 that uncovered the non-public data of about 57 million of its clients and drivers.
It appeared the hacker was capable of achieve entry to different inside techniques, posting an express photograph on an inside data web page for workers, the Instances report added.
“We’re in contact with regulation enforcement and can publish extra updates right here as they turn into out there,” Uber stated in a tweet, with out offering additional particulars.
The hacker has claimed they’ve gained entry to safety vulnerability data produced by HackerOne for Uber.
Such confidential data might be used for additional breaches on the firm.
HackerOne stated it’s “in shut contact with Uber’s safety group, have locked their knowledge down, and can proceed to help with their investigation,” based on Chris Evans, HackerOne’s chief hacking officer.
Safety researcher Invoice Demirkapi stated screenshots circulating on-line did appear to corroborate the hacker or hackers boast that they’d entry to Uber’s inside techniques.
“This story remains to be growing and these are some excessive claims, however there does seem like proof to assist it,” he stated in a message posted to Twitter.
Uber staff have been instructed to not use Salesforce-owned workplace messaging app Slack, based on the NYT report.
An individual assumed accountability for the hack and informed the paper he had despatched a textual content message to an Uber worker claiming to be a company IT individual.
The employee was persuaded handy over a password that allowed the hacker to achieve entry to Uber’s techniques, the report stated.