Uber’s computer network hacked
Uber’s computer network has been hacked, the global ride-hailing company said.
The ride-hailing company said it was investigating after several internal communications and engineering systems had been compromised.
Uber Sri Lanka has yet to make any statement on the hacking.
The New York Times first reported the breach after the hacker sent images of email, cloud storage and code repositories to the newspaper.
Uber staff were told not use the workplace messaging app Slack, the report said, quoting two employees.
Shortly before the Slack system was taken offline, Uber employees received a message that read: “I announce I am a hacker and Uber has suffered a data breach.”
It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees.
Uber said it was in touch with authorities about the breach.
There has been no indication that Uber’s fleet of vehicles, its customers or payment data have been affected by the hack.
Uber pays a subscription fee to HackerOne, a bug bounty platform based in California. Bug bounty programs are used by a lot of big businesses – essentially they pay ethical hackers to identify bugs.
Sam Curry, one of the bug bounty hunters, communicated with the Uber hacker. “It seems like they’ve compromised a lot of stuff,” he said.
Curry said he spoke to several Uber employees, who said they were “working to lock down everything internally” to restrict the hacker’s access.
He said there was no indication that the hacker had done any damage or was interested in anything more than publicity.
Chris Evans, chief hacking officer for HackerOne, told the BBC: “We’re in close contact with Uber’s security team, have locked their data down, and will continue to assist with their investigation.”
The BBC has seen messages from someone who claims that various Uber admin accounts are under their control.
The New York Times reports the hacker is 18 years old, has been working on his cyber-security skills for several years and hacked the Uber systems because “they had weak security”.
In the Slack message that announced the breach, the person also said Uber drivers should receive higher pay. (BBC/Colombo Gazette)
