Uber Applied sciences Inc. mentioned Monday a hacker affiliated with the Lapsus$ hacking group was liable for a cyber assault that final week pressured the ride-hailing firm to quickly shut a number of inner communications.
Uber mentioned the attacker had not accessed any person accounts or the databases that retailer delicate person info reminiscent of bank card numbers, checking account or journey particulars.
“The attacker accessed a number of inner programs, and our investigation has targeted on figuring out whether or not there was any materials impression,” Uber mentioned, including that investigation was nonetheless ongoing.
The corporate mentioned it was in shut coordination with the FBI and the U.S. Division of Justice on the matter.
Friday’s cybersecurity incident had introduced down Uber’s inner communication system for some time and workers had been restricted to make use of Salesforce-owned workplace messaging app Slack.
Uber mentioned the attacker logged in to a contractor’s Uber account after they accepted a two-factor login approval request following a number of requests, giving the hacker entry to a number of worker accounts and instruments reminiscent of G-Suite and Slack.
The hacking group Lapsus$ has focused corporations together with Nvidia, Microsoft and Okta, an authentication companies firm relied on by 1000’s of main companies.
Lapsus$ couldn’t be instantly reached for remark.
The hacker, who goes by the title “teapotuberhacker,” additionally reportedly claimed to leak early gameplay footage of Take-Two Interactive Software program Inc’s much-awaited sport “Grand Theft Auto VI” on Monday.
The hacker had posted a message on the discussion board about searching for to “negotiate a deal” with the videogaming firm.