Uber says it is in contact with law enforcement following reports of a significant data beach of its network. Credit: Magdalena Petrova/IDG Ride-hailing giant Uber has confirmed that it is responding to a cybersecurity incident as reports emerge that the firm has suffered a significant network data breach forcing it to shut down several internal communications and engineering systems.Attacker announces Uber breach through compromised Slack accountIn a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company were sparse at the time of writing, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee’s Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.The report, which cited an Uber spokesperson, also claimed that the hacker posted, “I announce I am a hacker and Uber has suffered a data breach,” before listing several internal databases that were apparently compromised. The person claiming responsibility for the hack told the New York Times that they had sent a text message to an Uber employee claiming to be a corporate IT person, persuading them hand over a password that allowed the actor to gain access to Uber’s systems. According to a tweet by security researcher and bug bunty hunter Sam Curry, an anonymous Uber employee stated, “At Uber, we got an “URGENT” email from IT security saying to stop using Slack. Now anytime I request a website, I am taken to a REDACTED page with a pornographic image and the message “F*** you wankers.” Speaking to CSO, Jake Moore, global cyber security advisor at ESET, says, “The use of a simple social engineering hack via SMS to hack into their systems leaves Uber with not just embarrassment but questions on how much data was so easily accessible behind one simple compromise. Attackers should never be underestimated and those targeted must remain vigilant to such attacks. Therefore, personal data needs to be behind much stricter securities and must be protected the best it can be not only from insider threats but also relentless attackers looking for vulnerable staff.”Andy Swift, technical director of offensive security, Six Degrees, adds that internal systems are the soft underbelly of organizations, and the Uber incident just goes to show that even the most simplistic of techniques, if done correctly, can unpick an entire infrastructure with relative ease. “It’s why things like the concept of least privilege and focus on maintaining and reducing internal attack surfaces with a holistic view is so very important and getting big focus right now. Trying to get companies to think less about the security of individual systems in pigeonholes and have a more holistic view embedded into their security testing programs through the use of red/purple teaming engagements can really help pinpoint areas of weakness against the organization as a whole. As we have seen here, looking at it from this perspective is important in understanding an attacker’s view, and continuous testing – combined with strategic, planned improvement based on results – is vital.” CSO will follow this story and update as more details come to light. Related content news US government could mandate quantum-resistant encryption from July Post-quantum encryption standards, once defined, will gradually become mandatory for government contractors. By Gyana Swain May 22, 2024 3 mins Government IT Regulation Encryption news Microsoft Azure’s Russinovich sheds light on key generative AI threats Generative AI models have a larger attack surface than many CSOs might think. Microsoft Azure’s CTO walked through some of the more significant challenges facing developers and defenders. By David Strom May 22, 2024 4 mins Generative AI Data and Information Security news analysis Rise of zero-day exploits reshape security recommendations Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response. By Lucian Constantin May 22, 2024 7 mins Incident Response Zero-day vulnerability Security Practices opinion Reducing CSO-CIO tension requires recognizing the signs Given competing pressures and priorities, CIOs and CISOs often find themselves at odds. Knowing where tensions flair and how your partner operates is essential to maintaining a productive partnership. By David Gee May 22, 2024 6 mins CIO CSO and CISO IT Leadership PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe