Uber hacked by teenager demanding higher pay for drivers

- Advertisement -


The hacker claimed to be able to access the company’s email and cloud storage systems, and said the firm had weak security standards.

- Advertisement -

C

- Advertisement -

The ybersecurity policies at Uber were brought into question today after the ride-hailing app forced it to shut down its staff messaging service following a security breach on its computer network.

According to the New York Times, the hacker who claimed responsibility for the breach said he was 18, and asked Uber drivers to receive higher pay. He claimed to be able to access the company’s email and cloud storage systems, and said the firm had weak security standards.

- Advertisement -

He was able to gain access to an Uber worker’s Slack account posing as an IT assistant and sent messages to Uber employees that read: “I declare that I am a hacker and Uber is facing a data breach. Is kept.”

Uber’s Slack system was taken offline as a result of the hack, with employees telling the firm’s security staff “there is no estimate yet when full access to the device will be restored” in an internal email seen by The New York Times.

San Francisco-based Uber has faced criticism in the past for its handling of cybersecurity incidents. In 2016, the firm paid hackers a $100,000 ransom to remove records of millions of driver and rider accounts stolen from the company. Uber’s security chief, Joe Sullivan, was fired by the company for his role in the debacle, and was charged with obstructing justice for keeping the security breach a secret for more than a year.

In a tweet, Uber said: “We are currently responding to a cybersecurity incident. We are in contact with law enforcement and will post additional updates here as they become available.”

In a statement to Reuters news agency, Slack said it was investigating the incident and had no evidence of vulnerability on its network.

Tim Colon, chief compliance officer at security firm Sectigo, said: “Attacks like these are very common. No matter how vigilant a company’s security culture is, these fundamental vulnerabilities will persist as long as traditional username-password credentials are accessed. control.”

Credit: www.standard.co.uk /

- Advertisement -

Recent Articles

Related Stories