Uber reveals Lapsus$-linked hacker responsible for cyber attack

Uber Technologies said a hacker affiliated with the Lapsus$ hacking group was responsible for a cyber attack that forced the ride-hailing company to shut internal communications last week.
Uber Eats network
Uber said the attacker had not accessed any user accounts and the databases that store sensitive user information such as credit card numbers, bank account or trip details.

Uber said the attacker accessed several internal systems. Uber said its investigation has focused on determining whether there was any material impact. Uber said that investigation was still ongoing.

Uber’s Chief Technology Officer is Sukumar Rathnam. In 2020, Sukumar Rathnam joined Uber from Amazon in place of CIO Shobhana Ahluwalia.

Uber does not reveal the name of its cyber security vendors and other tech suppliers, who are responsible for the cyber protection.

The company said it was in close coordination with the FBI and the U.S. Department of Justice on the matter.

Friday’s cybersecurity incident had brought down Uber’s internal communication system for a while and employees were restricted to use Salesforce-owned office messaging app Slack.

Uber said the attacker logged in to a contractor’s Uber account after they accepted a two-factor login approval request following multiple requests, giving the hacker access to several employee accounts and tools such as G-Suite and Slack.

The hacking group, Lapsus$, has targeted firms including Nvidia, Microsoft and Okta, an authentication services company relied on by thousands of major businesses.

Lapsus$ could not be immediately reached for comment.

The hacker, who goes by the name teapotuberhacker, also reportedly claimed to leak early gameplay footage of Take-Two Interactive Software’s much-awaited game Grand Theft Auto VI on Monday.

The hacker posted a message on the forum about seeking to negotiate a deal with the video-gaming company.