Uber, the online cab booking service provider, has become a victim of data breach. Last Thursday Uber claimed that it was executing an investigation on a cybersecurity incident following a report that its network was breached. Uber has become a data breach victim. A hacker has simply burgled the company’s network. The hacker has given this detail himself.
According to the sources, the company immediately had to confine engineering systems and various internal communications because these are directly affected. The New York Times report reflects that an Uber spokesperson conveyed that the hacker has attained access to an employee’s workplace messaging app Slack and using this the hacker sent a message to Uber employees declaring that the company has been a sufferer of data breach. In this data breach, the relevant details about the data leak of the users has not been disclosed so far.
The hacker confirmed that he’s just 18 years old and has been working on his cyber security skills for many years. He further said that Uber’s security is weak and fragile, due to which he could be able to break it down very easily. He has burgled Uber’s network with just the help of a message. The hacker himself has given all this information to the reporter.
The hacker got access to the source code, email and other internal systems of Uber. He has also shared some screenshots. In this incident, Uber confirms that it is in contact with the Law Enforcement Agency and will provide every information on this concern soon. Along with this, Yuga Labs security engineer Sam Curry has mentioned that the hacker had access to almost the integrated system of Uber.
On Thursday, the company made its Slack system offline after employees received the hacker’s message. The hacker wrote in his message, ‘I declare that I am a hacker and have been a victim of the Uber data breach.’ The hacker has also told how he entered Uber’s internal system.
He had sent a message to an Uber employee posing as a corporate IT personal and obtained the password from him by this. By using this password, the hacker gained access to the Uber system. This technique is known as social engineering. Uber’s data has also been leaked in the past and this is not the first time. Even before this the company has come under the attention of investigative agencies. In the year 2016, the data of 57 million drivers and riders present on the platform was leaked. To suppress this matter, the company had also given one lakh dollars to the hackers. However, in the year 2017, this matter came in front of the public.
How does this data breach happen?
According to the hackers, they could gain access to Uber’s system via social engineering. The unnamed man said that he had accessed Uber’s systems by sending a text message claiming to be a corporate information technology person to an Uber worker, whom he persuaded to send a password.
How will this data breach affect users?
The most significant long-term consequence of a data breach is the loss of customer trust. Customers share their sensitive information with companies assuming that they will have the proper security measures in place to protect their data. Their sensitive information could be used in many ways by the hackers.
For Instance: name, emails, passwords, locations, payment details, ride information as well as their addresses.
How do users protect themselves from this type of data breach?
If a company you have recently interacted, facing a data breach then change your password immediately. Always use Two-Factor Authentication when available, Use UPI for online payments and don’t click on suspicious or unauthorised links.
About the Author :-
Rajat Kumar is an active Cyber Security Expert and Researcher as well as Corporate Trainer in the field of information security provided workshops, Seminars to schools, Universities, Law Inforcement Agencies, Corporate levels and taught over many young minds around the globe. He has 7+ year experience in the domain of cyber security.
Get in touch with him :-