Uber Technologies Inc. declared on Monday that a hacker connected to the Lapsus$ hacking gang was to blame for the cyber-attack that compelled the ride-hailing service to briefly halt some internal communications last week.
According to Uber, the attacker did not get access to any user accounts or the databases that hold sensitive user data like credit card numbers, bank account information, or trip information.
According to Uber, “the attacker gained access to a number of internal systems, and the focus of our investigation has been on identifying whether there was any meaningful damage.” Uber also noted that the investigation was still ongoing.
The business said that it was working closely with the FBI and the US Department of Justice on the issue.
Uber’s internal communication system was temporarily down due to a cyberattack on Friday, and staff members were forced to utilize the Slack business messaging software, which is owned by Salesforce.
The hacker gained access to several staff accounts and tools including G-Suite and Slack after accepting a two-factor login permission request after receiving multiple requests, according to Uber. The attacker then signed in to the contractor’s Uber account.
The hacker collective Lapsus$ has attacked companies including Nvidia, Microsoft, and Okta, a provider of authentication services used by thousands of significant enterprises.
The much-anticipated video game “Grand Theft Auto VI” was said to have had early gameplay footage leaked on Monday, according to the hacker who goes by the handle “teapotuberhacker.”
On the forum, the hacker had said that he wanted to “make a contract” with the game company.
