Uber employees on Thursday discovered that huge swaths of their internal network had been accessed by someone who announced the feat on the company Slack channel. The intruder, who sent screenshots documenting the breach to The New York Times and security researchers, claimed to be 18 years old and was unusually forthcoming about how it occurred and just how far it reached, according to the news outlet, which broke the story.
It didn’t take long for independent researchers, including Bill Demirkapi of Microsoft, to confirm The New York Times coverage and conclude that the intruder likely gained initial access by contacting an Uber employee over WhatsApp.
The Uber hack is quite severe and wide ranging. Wishing their blue teams the best of luck and love during this understandably difficult period. Some thoughts & observations based on what we’ve seen so far 1/N
— Bill Demirkapi (@BillDemirkapi) September 16, 2022
After successfully obtaining the employee’s account password, the hacker tricked the employee into approving a push notification for multifactor authentication. The intruder then uncovered administrative credentials that gave access to some of Uber’s crown-jewel network resources. Uber responded by shutting down parts of its internal network while it investigates the extent of the breach.