Uber said it believes the hacking group Lapsus$ was behind an attack last week that forced the company to temporarily shut down some internal systems, saying the perpetrators gained access after obtaining account credentials for outside contractors.
The attack is the latest against a large tech company linked to Lapsus$, which cybersecurity researchers describe as a “loose” collective with roots in the UK and Brazil. Members have previously been blamed for embarrassing hacks against companies including Microsoft, Samsung, Nvidia and Okta.
The gang has also been linked to another high-profile attack on video game developer Rockstar Games this weekend, in which footage from the next installment in the Grand Theft Auto franchise was leaked to fan forums. cyber security The researchers noted strong similarities in the attacks, but said it was too early to confirm a link.
Uber It was first announced last Thursday night that it had been vandalized. On Monday, it confirmed that the intruders had obtained “elevated privileges” granting access to some internal systems and enterprise software used by employees.
These included Uber’s Slack channel, where the attackers sent a message alerting employees to the hack, saying, “I’m announcing that I’m a hacker, and Uber has suffered a data breach.” Some employees were redirected to include obscene images web page.
The San Francisco-based ride-hailing company said its “public-facing” systems had not been affected, adding that the company’s databases for storing “sensitive” user data such as bank details and travel history had not been breached. The attackers also did not change the software code of its apps and services, Uber said.
Uber said it was “likely” that hackers linked to Lapsus$ purchased the contractor’s passwords on the dark web.
“The attacker then repeatedly attempted to log into the contractor’s Uber account,” the company said. “Each time, the contractor received a two-factor login approval request that initially blocked access. However, eventually the contractor accepted one and the attacker successfully logged in.”
fall rise to fame Late last year, Claire Tills of the cybersecurity group Tenable said. London police said in March they had arrested seven people, aged between 16 and 21, linked to the gang.
Thiers noted that the group said it was not “politically motivated or state-sponsored,” but out of a quest for notoriety. A Tenable study published earlier this year called the group “brazen, immature and illogical”.
The pattern appeared to be evident on Sunday, when a user on the Grand Theft Auto web forums, claiming to be the person who hacked Uber a few days earlier, posted 90 leaked videos and images Grand Theft Auto 6A follow-up suggested it would “negotiate” with the company to prevent more footage from being released.
Rockstar confirmed on Monday that the video was real and the victim of a “cyber intrusion.”
“Our work on the next Grand Theft Auto game continues as planned, and we remain committed to providing you, our players, with an experience that truly exceeds your expectations,” the company posted on Twitter.
Shares of Rockstar’s parent company Take-Two Interactive fell at the start of trading on Monday but recovered by the end of the day. Uber’s stock has risen slightly over the past week.