Uber is on high alert after a hacker claimed that the ride-hailing giant has suffered a data breach. The company has reported that it is investigating a cyber security incident and also alerted the law-enforcement authorities. The alleged breach had reportedly forced Uber to take several internal communications and engineering systems offline.
As per a New York Times report, a cybercriminal hacked into an Uber employees’ Slack app, a workplace messaging app. The hacker then used his account to send a message to other employees informing them that the Uber systems had suffered a data breach. Not only was the hacker able to send messages to the employees, he was also able to gain access to other internal company systems. He posted an explicit picture of an internal information page for employees. “I announce I am a hacker and Uber has suffered a data breach. Slack has been stolen…” the hacker wrote on Slack.
Uber, in a tweet, acknowledged the data breach and said that the matter is currently under investigation, “We are in touch with law enforcement and will post additional updates here as they become available,” the company said in a tweet.
As soon as the Uber employees received a message from the hacker on Slack, the workplace messaging app was taken offline on Thursday afternoon. Uber staff were strictly prohibited from accessing the messaging app. Along with Slack, some other internet systems were also inaccessible to the users.
The hacker told the New York Times that he had sent a message to an Uber employee claiming to be a corporate information technology officer. The hacker coaxed the employee to share his password and the employee fell into the trap. The hacker revealed that he is only 18 years old and had been working on his cyber security skills for years.
“We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” wrote Latha Maripuri, Uber’s chief information security officer, to the employees in an email obtained by The New York Times.