Uber says there is “no evidence” the hacker accessed sensitive user info, like trip histories, during the breach and that all its products are now “operational”
Uber says there is “no evidence” that any of its users' private information was compromised in a breach of its internal computer systems.
The Verge Andrew J. Hawkins
Related Coverage
- Security update — While our investigation and response efforts are ongoing, here is a further update on yesterday's incident: Uber Newsroom
- No private users' data compromised in cyber breach: Uber The Economic Times
- Everything We Know About the Massive Uber Hack Gizmodo · Lucas Ropek
- Uber Hack Indicates Security Is Tech Industry's Achilles' Heel Wall Street Journal
- Who hacked Uber? — Answer: An 18-year-old. — Uber confirmed on Friday that it was the victim … GovTech
- After a serious breach, Uber says its services are operational again Associated Press
- Uber clarifies that no private users' data compromised in cyber breach BGR India · Priya Singh
- Young hacker tricks way into Uber's system: reports Tech Xplore
- Uber Says ‘No Evidence’ User Accounts Were Compromised in Hack Slashdot · Msmash
- Teenage Hacker Claims to Breach Uber, Security Researcher Says TIME
- Uber Claims No Sensitive Data Exposed in Latest Breach... But There's More to This The Hacker News · Ravie Lakshmanan
- Uber apparently hacked by teen, employees thought it was a joke / ‘I think IT would appreciate less memes while they handle the breach’ The Verge · Jon Porter
- A Hacker Breached Uber's Internal Systems Forcing Company to Take Some Systems Offline Metacurity · Cynthia Brumfield
- Uber's Security Breached, Investigation Underway International Business Times · Manan Bhavnani
- Uber employees didn't believe a teen hacked its internal system MobileSyrup · Nida Zafar
- Hacker Pwns Uber Via Compromised VPN Account Dark Reading · Tara Seals
- Uber Hacked! Sensitive Info Like Internal Systems, Email, Slack Server Exposed Trak.in · Shreya Bose
- Uber responding to “cybersecurity incident” following reports of significant data breach DataBreaches.net
- Uber Hacked! What Can You Do In This Case? Fossbytes · Aman Anand
- Uber Investigating Massive Security Breach by Alleged Teen Hacker Gizmodo · Matt Novak
- Uber says it's investigating a ‘cybersecurity incident’ Engadget · Mariella Moon
- Uber's had a data breach, and we don't know how bad it is yet Mashable
- Uber was breached to its core, purportedly by an 18-year-old. Here's what's known Ars Technica · Dan Goodin
- The Uber Hack's Devastation Is Just Starting to Reveal Itself Wired · Lily Hay Newman
- A teen hacked Uber and announced it in the company Slack. Employees thought it was a joke. Mashable
- Uber's New Hack Exposed on Eve of Trial Over Last One Bloomberg
- Uber's hack shows the stubborn power of social engineering / In corporate IT systems, humans are usually the weakest link The Verge · Corin Faife
- The Uber Hack Shows Push Notification 2FA Has a Downside: It's Too Annoying VICE · Lorenzo Franceschi-Bicchierai
- Uber Is Investigating Cybersecurity Breach. The Stock Falls. MarketWatch · Sabrina Escobar
- Uber Investigates Breach After Hacker Claims Widespread Access Wall Street Journal
- An 18-Year-Old Hacked Into Uber's Computer Systems to Argue Drivers Should Be Better Paid Observer · Courtney Vinopal
- Uber employees are being barraged with obscene images in a major hack, and they're worried their financial data may have been compromised Fortune · Kylie Robison
- What Uber's data breach reveals about social engineering VentureBeat · Tim Keary
- Uber Is Looking Into Massive Security Breach As Teen Hacker Posts Sensitive Screenshots HotHardware · Nathan Wasson
- Attacker Apparently Didn't Have to Breach a Single System to Pwn Uber Dark Reading · Jai Vijayan
- Staff Laughed, But This Uber Hack Is Serious SlashGear · Rahul Srinivas
- Latest Uber Data Breach Caused by Hacker Tricking Worker Into Giving Up Access Channel Futures · Edward Gately
- Uber investigating security breach of several internal systems TechRepublic · Esther Shein
- Uber finds ‘no evidence’ that sensitive user data was stolen in hack Engadget · Jon Fingas
- Uber Hacked by 18-Year-Old, Source Code and Internal Communications Compromised: Report iPhone in Canada Blog · Nehal Malik
- Uber hacked, internal systems and confidential documents were allegedly compromised Security Affairs · Pierluigi Paganini
- Attacker announces Uber breach through compromised Slack account DataBreaches.net
- Big Tech is losing California Protocol · Issie Lapowsky
- Science Business Today Science Business Today
- Blame game follows Uber hack. Experts say don't fault employee. CyberScoop · AJ Vicens
- Uber's been hacked by an 18 year old, go figure PC Gamer
- Uber investigates security breach of its internal systems SiliconANGLE · Kyt Dotson
- Threat actor breaches many of Uber's critical systems Cybersecurity Dive
- Uber security breach ‘looks bad’, potentially compromising all systems ZDNet · Eileen Yu
- Uber confirms hack in the latest access and identity nightmare for corporate America SC Media · Derek B. Johnson
- Uber Hacked: Its Security is ‘Awful’ and ‘Weak’ Security Boulevard · Richi Jennings
- Uber confirms alleged teen hacker breached its network, taunted employees New York Post · Thomas Barrabi
- Uber investigating ‘cybersecurity incident’ after hacker claims to access internal systems CNN · Sean Lyngaas
- Uber's security breach shows how much we trust companies with our data XDA Developers · Adam Conway
- Kevin Reed's Post LinkedIn · Kevin Reed
- Uber investigating hack on its computer systems BBC · Shiona McCallum
- Uber's hacker *irritated* his way into its network, stole internal documents Graham Cluley
- Uber was hacked by a teenager - here's what we know so far KnowTechie · Matthew Hughes
- Uber hacked | hacker shared information | Uber's probing breach Memeburn · Gopolang Moloko
- Uber confirms it was hit by major cyberattack TechRadar
- Uber Hack - Ride-hailing Giant Investigating Large-Scale Data Breach HackRead · Waqas
- Uber investigating cybersecurity incident after hacker breaches its internal network TechCrunch · Carly Page
- Uber confirms it is investigating cybersecurity incident The Record · Alexander Martin
- Uber hacker claims to have full control of company's cloud-based servers 9to5Mac · Ben Lovejoy
- Uber investigates ‘cybersecurity incident’ after reports of a hack on the company CNBC · Ryan Browne
- Uber reels from ‘security incident’ in which cloud systems seemingly hijacked The Register · Simon Sharwood
- Uber confirms “cybersecurity incident” after 18-year-old claimed to be behind massive breach TechSpot · Rob Thubron
- Uber hacked, company assessing severity of losses AppleInsider · William Gallagher
- Uber reportedly suffers major data breach — what you need to know Tom's Guide · Tom Pritchard
- Uber Probes Breach After Hacker Boasts About Intrusion BankInfoSecurity.com · Prajeet Nair
- Uber Investigating Breach of Its Computer Systems Slashdot · Msmash
- Uber responding to “cybersecurity incident” following reports of significant data breach CSO · Michael Hill
- Uber investigating computer network breach- NYT Reuters · Shubham Kalia
- 18-Year-Old Hacker Claims Responsibility for Uber Breach PYMNTS.com
- Uber investigating possible network breach after hacker taunts The Hill · Chloe Folmar
- Uber suffers major cyber attack ComputerWeekly.com · Alex Scroxton
- Uber Investigating Data Breach After Hacker Claims Extensive Compromise SecurityWeek · Eduard Kovacs
- Alert: Uber's internal systems hacked giving bad actor ‘full access’ Finbold · Ana Nicenko
- Uber faces major cybersecurity breach, investigation underway [Update] Neowin · Hemant Saxena
- Uber Suffers ‘Total Compromise’ System Hack PCMag · Matthew Humphries
- Uber Hacker May Have Compromised Secret Bug Reports Infosecurity · Phil Muncaster
- Uber Hacked! Teenage hacker advocating driver's rights used social engineering to gain access to Uber's Slack & internal systems Tech News · Nickie Louise
- Uber staff told to stay off Slack after hack Silicon Republic · Leigh Mc Gowran
- Uber suffers ‘cybersecurity incident’ with hackers gaining access to internal systems and vulnerability reports BetaNews · Sofia Wyciślik-Wilson
- Uber cyberattack: ride-hailing giant's systems compromised in apparent social engineering breach Tech Monitor · Matthew Gooding
- Hacker claims access to critical infra of Uber, company starts investigation TechCircle · Shouvik Das
- Uber acknowledges data breach, says it is probing the ‘cybersecurity incident’ BGR India · Priya Singh
- Massive Data Breach at Uber Schneier on Security · Bruce Schneier
- An 18-year-old reportedly hacked Uber's computer systems and sent employees cryptic Slack messages Insider
- Uber Says It's Investigating a Potential Breach of Its Computer Systems The Hacker News · Ravie Lakshmanan
- Uber says it's investigating ‘cybersecurity incident’ Digital Trends · Trevor Mogg
- Uber Hacked—18 Year Old Hacker Claims To Be Behind Extensive Breach Forbes · Davey Winder
- Uber responding to ‘cybersecurity incident’ after hack The Guardian · Dan Milmo
- Yuga Labs engineer: Uber's hacker accessed its HackerOne bug bounty program; source: the hacker downloaded all the vulnerability reports before losing access BleepingComputer · Lawrence Abrams
Discussion
-
@uber_comms
@uber_comms
on x
https://twitter.com/...
-
@racheltobac
Rachel Tobac
on x
So far Uber says “we have no evidence the incident involved access to sensitive user data (like trip history)”. As we know, just bc there isn't evidence yet of user data exfil doesn't mean it didn't happen. Crossing my fingers that it turns out user data wasn't impacted 🤖🤞 https:…
-
@hacker_
Corben Leo
on x
Apparently there was an internal network share that contained powershell scripts... “One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite” htt…
-
@coltonseal
Colton
on x
Honestly kind of a classy way to hack someone 😂😂😂 @Uber https://twitter.com/...
-
@kyliebytes
Kylie Robison
on x
An Uber employee told Fortune that when they open their work laptop, all internal websites displayed a picture of an “erect penis” with the text “FUCK YOU DUMB WANKERS.” https://fortune.com/...
-
@kwestin
Ken Westin
on x
If Uber didn't use computers then this would have never happened.
-
@willoremus
Will Oremus
on x
old enough to remember three days ago when twitter was the only tech company with bad security https://www.washingtonpost.com/ ... https://t.co/UZE1YaXQKY
-
@film_girl
Christina Warren
on x
I can't dunk on this. I know a lot of people will, but I can't. I was raised in newsrooms, which is second only to LE for gallows humor. But lol at being told to stop. https://twitter.com/...
-
@josephmenn
Joseph Menn
on x
The Uber breach, which the hacker says began with social engineering of an employee, may be so thorough that it will be hard to kick the intruder out, experts said overnight. https://www.washingtonpost.com/ ...
-
@kyliebytes
Kylie Robison
on x
NEW: An employee at Uber described scenes of chaos on Thursday night as the ride-hailing company's computer systems were commandeered in a devastating hack that buffeted staffers with obscene images. I wrote about inside the mayhem for @FortuneMagazine: https://fortune.com/...
-
@laurentbercot
Laurent Bercot
on x
I'll just use my username and password in this script that needs admin rights, what could possibly go wrong https://twitter.com/...
-
@k8em0
@k8em0
on x
Pour one out for the security response team at Uber. Hardcoded secrets in a powershell script got them powershellacked. Good practice is to assume intruders will seek out your internal scripts & do not leave secrets hard coded to help them elevate privilege & pivot like this. htt…
-
@rik_ferguson
Rik Ferguson
on x
Second time in a week that I have heard of hardcoded PAM secrets giving an opportunistic attacker *all the access* to a global corp. Technology is wholly dependent upon proper implementation and process. It's easy to point fingers at a product, but often wrong. https://twitter.co…
-
@da_667
@da_667
on x
The amount of shitposting and emojis is pretty hilarious. https://twitter.com/...
-
@aaschapiro
Avi Asher-Schapiro
on x
If this screen shot is to be believed, the hacker who broke into Uber spammed the company's slack with a message about underpaid drivers.... https://twitter.com/...
-
@faizsays
Faiz Siddiqui
on x
As employee reactions poured in, including a Mr. Krabs meme, the “It's Happening” GIF and questions about whether it was a prank, someone wrote. “Sorry to be a stick in the mud, but I think IT would appreciate less memes while they handle the breach” https://www.washingtonpost.co…
-
@kantrowitz
Alex Kantrowitz
on x
Props for going @ here vs. @ channel. That counts for something. https://twitter.com/...
-
@tomwarren
Tom Warren
on x
The Uber hacker reportedly posted a message in the company's internal Slack, and employees thought it was joke and reacted with 🍿 and 🚨 emoji and GIFs on the post https://twitter.com/...
-
@uber_comms
@uber_comms
on x
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
-
@samwcyo
Sam Curry
on x
Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. https://twitter.com/...
-
@samwcyo
Sam Curry
on x
From another Uber employee: Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes. lmao
-
@kyliebytes
Kylie Robison
on x
RIP to everyone's weekend at Uber. “Shortly before the Slack system was taken offline on Thursday afternoon, Uber employees received a message that read: ‘I announce I am a hacker and Uber has suffered a data breach.’” https://www.nytimes.com/...
-
@billdemirkapi
Bill Demirkapi
on x
Some new information since last night. The attacker claims that they were able to gain persistent MFA access to their compromised accounts by social engineering the victims into accepting a prompt that allowed the attacker to register their own device for MFA. 15/N https://twitte…
-
@cityofthetown
Tom Dotan
on x
The uber hack seems nightmarishly bad. And pretty depressing that the way around MFA is just spamming the victim until they give up and just allow themselves to be hacked. https://twitter.com/...
-
@joshconstine
Josh Constine
on x
This is so savage. A hacker broke into Uber's Bug Bounty program and stole all the vulnerability reports ...so they can hack it over and over until everything is fixed. Galaxy brain attack. https://www.bleepingcomputer.com/ ... https://twitter.com/...
-
@lorenzofb
Lorenzo Franceschi-Bicchierai
on x
NEW: One of the biggest takeaways of the Uber hack is that 2FA via push notifications is flawed and relatively easy to circumvent. “They can become so annoying that the target eventually accepts,” @RachelTobac told us. https://www.vice.com/...
-
@kyliebytes
Kylie Robison
on x
Just dropping this here.... employees seemingly still don't have access. Yay for long weekends? https://twitter.com/...
-
@spencerdailey
Spencer Dailey
on x
@Techmeme @LawrenceAbrams This is a major deal if true —> not only have Uber's systems been compromised, but the company will remained compromised until it fixes all of their known vulnerabilities. In other words, the odds of hacker reentry are extremely high and will remain so f…
-
@kateconger
Kate Conger
on x
Update: We spoke to the person who claimed responsibility for the hack. He says he is 18. https://twitter.com/...
-
@tiffanycli
Tiffany C. Li
on x
Cybersecurity truths: 1. No system is perfectly secure. 2. The more data you store, the more data you risk. Good thing the only sensitive personal data Uber has are financial info, contact info, and also the records of everywhere every user has ever traveled at any time. https://…
-
@carlquintanilla
Carl Quintanilla
on x
“.. The hacker provided .. screenshots that appeared to show widespread access to a range of administrative accounts that manage Uber's technology systems, including the company's Amazon Web Services and Google clouds ..” @WSJ $UBER https://www.wsj.com/...
-
@kevinroose
Kevin Roose
on x
Update: a person claiming responsibility for the Uber hack tells the NYT that he is 18, got in through social engineering an employee's password, and hacked the company because it had weak security. https://www.nytimes.com/... https://twitter.com/...
-
@tomwarren
Tom Warren
on x
Uber has been hacked, and it looks bad. The hacker got in through social engineering and allegedly found a network share full of Microsoft PowerShell scripts that included Uber admin usernames and passwords to let them breach AWS, G Suite, and more 🥲 https://www.theverge.com/...
-
@dcuthbert
Daniel Cuthbert
on x
“Doesn't know what to do with it and is having the time of his life” Aaaaand there's my teenage years eloquently portrayed. https://twitter.com/...
-
@mmasnick
Mike Masnick
on x
The kids these days... https://twitter.com/...
-
@wbm312
Whitney Merrill
on x
And on the 27th anniversary of the movie Hackers too. https://twitter.com/... https://twitter.com/...
-
@williamlegate
@williamlegate
on x
Uber has had their entire infrastructure (cloud, financial, comms, dev, etc) hacked by a kid purporting to be a teenager - breach appears to be very severe. https://twitter.com/...
-
@roybahat
Roy E. Bahat
on x
“In the Slack message that announced the breach, the person also said Uber drivers should receive higher pay.” Curious what motivated the hacker to choose to crusade for that... https://twitter.com/...
-
@dangoodin001
Dan Goodin
on x
“'They pretty much have full access to Uber,' said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. ‘This is a total compromise, from what it looks like.’” https://twitter.com/...
-
@wbm312
Whitney Merrill
on x
Fido 2FA for all pls. https://twitter.com/...
-
@wbm312
Whitney Merrill
on x
Guess they can't hide this one from the FTC 😬 https://twitter.com/...
-
@wbm312
Whitney Merrill
on x
This is the worst case scenario we all try to prepare for, but no one believes will happen or is possible... https://twitter.com/...
-
@3vansutton
Evan Sutton
on x
I can't wait for them to have a fleet of driverless cars because clearly there's no large scale risk of that ending badly https://twitter.com/...
-
@kellen_browning
Kellen Browning
on x
Big scoop from @kateconger and @kevinroose — Uber's internal network was breached Thursday and employees have been told to stay off Slack. Developing situation: https://www.nytimes.com/...