Uber recently suffered a security breach, stating that a hacker affiliated with the Lapsus$ hacking group was responsible for the cyber attack. Uber Technologies Inc had had to shut several internal communications temporarily last week, after the attack, reported Reuters. An 18-year-old hacker had broken into the internal systems of Uber, reaching company tools including Amazon Web Services and Google Cloud Platform, and employees thought someone was playing a prank, IANS reported earlier. Uber said on Saturday that no sensitive user data, like trip history, had been leaked.
Uber posted a series of vacancies in the security department four days ago, which some LinkedIn users suggested was done in the aftermath of the cyber attack. It led to jokes being made at the expense of the company. “There is a famous saying that an organization’s budget for cyber security increases only after an incident. Uber just proved it right! 😂” A LinkedIn user, Indrajeet Bhuyan, joked.
“This is painfully true. Budget & management attention becomes readily available after a breach, or as some of us in the industry call it “after-the-boom”. Why do so many still refuse to heed the call for pro-active defence & early investment into cyber?” a LinkedIn user commented. Another user pointed out: “As LinkedIn does not let you post on multiple locations, they have posted in multiple locations separately so that you can attract talent from any city. This is a very common practice. I do not think they have so many positions open.”
The hacker had made himself known to Uber employees by posting a message on the company’s internal communication system Slack. Uber said that all of our services including Uber, Uber Eats, Uber Freight and the Uber Driver app are operational. The teenage hacker listed confidential company information and posted a hashtag saying that Uber “underpays its drivers” on internal communication platform Slack.
The hacker said he broke into the Uber systems because “they had weak security”.
(With inputs from IANS, Reuters)