Uber has been the victim of a data breach.
The mobility as a service provider disclosed it was “responding to a cybersecurity incident” at 9:25 p.m. on September 15.
As a precaution, Uber said it took down some of its software tools and restored them the next day.
“We have no evidence that the incident involved access to sensitive user data (like trip history).All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational,” according to a company statement posted on September 16.
Law enforcement has been notified, and the investigation is ongoing. The ride hailing company has been skimpy on details. According to the Washington Post and other reports, a hacker surfaced in a message posted in Slack after tricking an Uber employee into providing credentials. If this sounds familiar, it is because IHG's latest data breach is believed to have been precipitated by a gullible employee. Hackers were only able to gain access to IHG's internal IT network after an employee was tricked into downloading a malicious piece of software via a booby-trapped email attachment.
At Uber the bad actor got access to systems stored on Amazon and Google cloud-based servers where Uber keeps source code, financial data and customer data such as driver's licenses, NPR’s Marketplace reported.
HT will continue to follow this story.