Uber Blames Recent Breach on LAPSUS$ Hacking Group Image (Photo Illustration by Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images)

Uber suspects a member of the LAPSUS$ hacking gang is behind a recent breach at the ride-hailing provider. In a Monday update(Opens in a new window) about the hack, the company says the culprit infiltrated Uber using techniques similar to those unleashed on other tech companies earlier this year.

LAPSUS$ made waves in February and March when the group successfully stole data from Nvidia, Microsoft, and Samsung, among others. Police in the UK later arrested seven people for their roles in the LAPSUS$ gang. Two of the suspects, a 16-year-old and 17-year-old, were later charged with computer hacking crimes.

However, it’s possible at least one member of LAPSUS$ remains at large. Some of the group’s early targets were in South America, which has caused researchers to suspect other gang members may be based not in the UK, but a continent away.

The hacker who breached Uber reportedly describes himself as an 18-year-old. He’s also been using(Opens in a new window) the screen name “Tea Pot.”

In addition, Uber’s update notes that the hacker may have also orchestrated a breach at Rockstar Games, which led to video leaks of the unreleased Grand Theft Auto VI over the weekend. The attacker who hit Rockstar is using the screen name “teapotuberhacker” in forums, and has claimed responsibility for infiltrating Uber, but without providing evidence. Nevertheless, teapotuberhacker says he breached Rockstar Games by targeting its Slack account.

In its own update, Uber adds: “We are in close coordination with the FBI and US Department of Justice on this matter and will continue to support their efforts.”

The update goes on to say the hacker breached Uber by targeting a company contractor. “It is likely that the attacker purchased the contractor’s Uber corporate password on the dark web, after the contractor’s personal device had been infected with malware, exposing those credentials,” Uber said.

“The attacker then repeatedly tried to log in to the contractor’s Uber account. Each time, the contractor received a two-factor login approval request, which initially blocked access. Eventually, however, the contractor accepted one, and the attacker successfully logged in,” Uber adds.

Recommended by Our Editors

Once access was achieved, the hacker was able to break into several other employee accounts, which paved a way to access Uber’s G Workspace and Slack accounts. In response, the ride-hailing company has been investigating its internal systems to find out what was affected.

In some good news, Uber says it found no evidence the hacker ever accessed user account information, including customer credit card numbers. “We reviewed our codebase and have not found that the attacker made any changes,” the company added. “We also have not found that the attacker accessed any customer or user data stored by our cloud providers.”

However, the hacker did download some internal messages on Uber’s Slack account, along with files “from an internal tool our finance team uses to manage some invoices.” Uber adds it’s continuing its investigation with the help of several leading forensics firms and is working to bolster its cyber defenses from future attacks.

SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.”,”first_published_at”:”2021-09-30T21:22:09.000000Z”,”published_at”:”2022-03-24T14:57:33.000000Z”,”last_published_at”:”2022-03-24T14:57:28.000000Z”,”created_at”:null,”updated_at”:”2022-03-24T14:57:33.000000Z”})” x-show=”showEmailSignUp()”>

Like What You’re Reading?

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

You can read the original article here

New reasons to get excited everyday.

Get the latest tech news delivered right in your mailbox

5 Reasons Why You Should Try Online Horse Race Betting

In many places around the world, horse races are an attraction that a lot of people love to watch. With the fast-paced action and thrill that each game provides, it is no longer surprising to know that millions of fans have grown fond of it.

NordLayer — more than a business VPN

Cybersecurity threats have become vast and more sophisticated. The rate of malware attacks and malicious activity counts within seconds despite the size or sector the organization belongs to — no one is safe enough to expect that foe actors will bypass vital company resources.


Don't miss a beat!!

We’d love to keep you updated with the latest tech news from across the internet!

Don't worry, we don’t spam!

You may also like

Notify of
Inline Feedbacks
View all comments