Uber, but possibly also Rockstar (from GTA 6), would not have been hacked last week, but by someone affiliated with the hacker group Lapsus$. This hacker group has previously made headlines because of the major hacks it performs on well-known, popular brands. Uber indicates that investigation shows that the perpetrator is someone from Lapsus$.
Hack on Uber
As with Rockstar, this attack on Slack also revealed that the hacker had access to the company’s systems. In the case of Uber, this was probably achieved by having an employee hand over his password. Exactly how he or she proceeded is still unknown, but that was probably done through phishing or social engineering.
The hacker said he had access to Uber’s source code, as well as internal emails and other company systems. Uber was shocked and immediately took many systems offline. Ultimately, an investigation shows that the hacker did not have access to user data of Uber customers. Also, no payment information was stolen, so that would mean that you as a customer have a little less to fear from this hack.
Uber is also working with Justice and the police in the United States to ensure that the perpetrators are uncovered and can be brought to justice. It is not known why Uber believes it is Lapsus$ behind the attack. In any case, it is not very clear what the hacker group exactly means: how many members it has and from which it operates. It would be mainly young people from South America, but at the same time there is talk of a perpetrator who would come from the United Kingdom. Probably a very young person.
This is not the first time that Uber has been hacked. It has happened several times and money has even been paid to ensure that the data of customers, drivers and employees did not end up on the street. Not a good round for Uber’s security team, but on the other hand, you are only as strong as your weakest link and security is certainly something your employees are involved in.
Earlier, Lapsus$ broke into Nvidia, Microsoft and Samsung. It was a bit quieter around the group for a while, but that can just be over with two major hacks in a row.