• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Data Breach
  • Hacking
  • Uber hacked, internal systems and confidential documents were allegedly compromised

Uber hacked, internal systems and confidential documents were allegedly compromised

Pierluigi Paganini September 16, 2022

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents.

Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports.

We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.

— Uber Comms (@Uber_Comms) September 16, 2022

According to the New York Times, the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases.

“I announce I am a hacker and Uber has suffered a data breach.” states the message.

The company was forced to take its internal communications and engineering systems offline to mitigate the attack and investigate the intrusion.

The attackers allegedly compromised several internal systems and provided images of email, cloud storage and code repositories to The New York Times and some cyber security researchers.

“They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.”

The attackers also had access to the company’s HackerOne bug bounty program, which means that they had access to every bug report submitted to the company by white hat hackers. This information is very important, threat actors could use it to launch further attacks. At this time is not possible to exclude that the reports include technical details about some flaws that have yet to be fixed by the company.

HackerOne has immediately disabled the Uber bug bounty program blocking any access to the list of the reported issues.

Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have access to all of the Uber HackerOne reports. pic.twitter.com/00j8V3kcoE

— Sam Curry (@samwcyo) September 16, 2022

Update: A Threat Actor claims to have completely compromised Uber – they have posted screenshots of their AWS instance, HackerOne administration panel, and more.

They are openly taunting and mocking @Uber. pic.twitter.com/Q3PzzBLsQY

— vx-underground (@vxunderground) September 16, 2022

Uber notified law enforcement and started an internal investigation into the incident, a company spokesman confirmed.

Uber

“We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” Latha Maripuri, Uber’s chief information security officer, told NYT via email.

Employees were instructed not to use the internal messaging service Slack and some of them, speaking on a condition of anonymity, told the NYT that other internal systems were inaccessible.

The hacker claims to be 18 years old and added that Uber had weak security, in the message sent via Slack he also said Uber drivers should receive higher pay.

This is not the first time that the company suffered a security breach. In 2017, the news of another data breach that took place in 2016 made the headlines.

In November 2017, Uber CEO Dara Khosrowshahi announced that hackers broke into the company database and accessed the personal data (names, email addresses, and cell phone numbers) of 57 million of its users, the disconcerting revelation was that the company covered up the hack for more than a year.

The attackers accessed also the names and driver’s license numbers of roughly 600,000 of its drivers in the United States.

The hack happened in 2016, it was easy for hackers that according to a report published by Bloomberg, obtained credentials from a private GitHub site used by the company’s development team. The hackers tried to blackmail Uber and demanded $100,000 from the company in exchange for avoiding publishing the stolen data.

Rather than notify the data breach to customers and law enforcement, as is required by California’s data security breach notification law, the chief of information security Joe Sullivan ordered to pay the ransom and to cover the story destroying any evidence. The payout was disguised as a bug bounty prize complete with non-disclosure agreements signed

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Uber)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

Cybercrime data breach hacking news information security news IT Information Security Pierluigi Paganini Security Affairs Security News Uber

you might also like

Pierluigi Paganini July 11, 2025
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
Read more
Pierluigi Paganini July 10, 2025
UK NCA arrested four people over M&S, Co-op cyberattacks
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

    Uncategorized / July 11, 2025

    U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

    Hacking / July 11, 2025

    UK NCA arrested four people over M&S, Co-op cyberattacks

    Cyber Crime / July 10, 2025

    PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

    Hacking / July 10, 2025

    Qantas data breach impacted 5.7 million individuals

    Data Breach / July 10, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT