Uber hacked in cybersecurity incident

Published , by Sam Chandler

As the world shifts to a more online presence, the digital world presents all sorts of security issues and flaws that companies will need to contend with. It seems that Uber, one of the largest ride-sharing and food-delivery service companies in the world, has been hacked. The cybersecurity incident has shed light on the vulnerabilities of security systems.

Uber made an announcement on Twitter late Thursday evening on September 15, 2022 noting that the team is responding to a cybersecurity incident. The tweet, embeded below, mentions that the team are in touch with law enforcement and will deliver updates as information becomes available.

Bill Demirkapi, one of the team members at Microsoft’s MSRC Vulnerability and Mitigations, took to Twitter to offer up his knowledge on the subject matter. In a lengthy thread (which you can read below), Demirkapi offers details on how the hacker managed to infiltrate Uber’s systems, what they have access to, and how Uber is not alone in its security flaw.

According to the hacker, they were able to gain access to Uber’s system via social engineering. This method relies on the fallibility of humans to either not notice an oddity (a slightly incorrect URL) or to offer up sensitive information. Once they had access, the hacker was able to use the victim’s VPN to “pivot to the internal network”.

“The attacker appears to have found an internal network share that contained scripts with privileged credentials, giving them the keys to the kingdom,” Demirkapi writes. “They claim to have compromised Uber's Duo, OneLogin, AWS, and GSuite environments.”

The security vulnerabilities of multi-factor authentication (MFA) are common, according to Demirkapi, with more than 60 percent of sites not supporting hardware tokens. That is to say, this flaw is not limited to Uber and could happen elsewhere.