Uber Security Breach - News Alert
September 16, 2022 – The Cyber Security Association of Pennsylvania and it's President Scott R. Davis has issued a recommendation for users of popular ride share service Uber to update their user credentials.
Uber has announced that they are investigating a wide-reaching security breach that was started when an employee answered a text message from a person impersonating IT support with their user credentials.
This gave the impersonator access to Uber's systems which from screenshots surfacing online include the employee Slack (communications) tool, and Uber's Cloud Services on Amazon Web Services (AWS) and Google Cloud (and likely others). Shortly before Uber’s Slack system was taken offline, Uber employees received a message that read “I announce I am a hacker and Uber has suffered a data breach.”
The impersonator also has gained access to Uber's HackerOne account which is used by the Cyber Security Community (Ethical - The Good Guys) to report other security vulnerabilities in the platform. Access to this system now allows the impersonator access into reported unpatched zero-days and other security related communication.
So, this is a very severe breach and knowing the level that this cyber criminal was able to gain from a single person's account is to raise concern.
From what I have read Uber has not acknowledged if their payment systems, user accounts, or passwords were also breached but it is very possible based on what I am seeing was already acknowledged as outlined above. Uber likely has strong encryption practices in place to protect your payment information and passwords, but even encrypted data poses a risk of being decrypted.
What do you do?
Due to the ability of the cyber criminal to browse multiple aspects of the Uber systems, the Cyber Security Association of Pennsylvania advises all users to log into Uber and update your passwords. If you are using the same password for multiple platforms you should update those as well with different passwords.
Be aware of text messages and emails coming from Uber - and others. Bottom line, never share your password.
Over the next couple weeks watch your credit cards, and any other accounts that used that same password (should be none) for unusual activity.
Finally, let Uber run the investigation – they (or the cyber criminal) are the best sources of actual facts at the moment.