Advertisement

Uber probing ‘cybersecurity incident’ after report of breach

In this photo illustration created on Sept. 2, a Uber logo is seen displayed on a smartphone. Uber Technologies said on Thursday it was investigating a cybersecurity incident. Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images

Uber Technologies Inc. said on Thursday it was investigating a cybersecurity incident, after a report that its network was breached and the company had to shut several internal communications and engineering systems.

A hacker compromised an employee’s workplace messaging app Slack and used it to send a message to Uber employees announcing that the company had suffered a data breach, according to a New York Times report on Thursday that cited an Uber spokesperson.

Read more: Whistleblower accuses Twitter of ‘deliberate ignorance’ in cybersecurity efforts

It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees, the report added.

“We are in touch with law enforcement and will post additional updates here as they become available,” Uber said in a tweet, without providing further details.

Story continues below advertisement

The Slack system was taken offline on Thursday afternoon by Uber after employees received the message from the hacker, according to the Times report, citing two employees, who were not authorized to speak publicly.

Click to play video: 'RCMP lay charge in connection with alleged O’Toole leadership campaign hack'
RCMP lay charge in connection with alleged O’Toole leadership campaign hack

“I announce I am a hacker and Uber has suffered a data breach,” the message read, and went on to list several internal databases that were claimed to be compromised, the report added.

A person, claiming responsibility for the hack, told the paper that he had sent a text message to an Uber employee claiming to be a corporate IT person.

The worker was persuaded to hand over a password that allowed the hacker to gain access to Uber’s systems, the report said.

Slack said in a statement to Reuters that the company was investigating the incident and that there was no evidence of a vulnerability inherent to its platform.

Story continues below advertisement

“Uber is a valued customer, and we are here to help them if they need us,” Slack, which is owned by Salesforce Inc. said in the statement.

Uber employees were instructed to not use Slack, according to the report. Other internal systems, too, were inaccessible.

Sponsored content