News
Uber Blames Lapsus$ Hacking Collective For Data Breach
The hack targeted a Slack channel using a password purchased from the dark web, though the company claims no client data was compromised.
Lapsus$ is a collective of hackers famous for ransomware attacks and data theft from huge companies such as Microsoft, Vodafone and Nvidia. Now, the group has successfully targeted ride-sharing giant Uber.
Uber’s systems were breached sometime last week, with employees discovering the hack on Thursday, 15th September. The infiltrator announced their actions on the company’s internal Slack account with a message that read: “I announce I am a hacker and Uber has suffered a data breach.”
Uber claims the hacker is associated with the Lapsus$ group. If that’s true, it means they could also be responsible for a massive data breach of Rockstar Games and its upcoming Grand Theft Auto VI (GTA 6) release, as the attacker announced that they were, in fact, the same person.
As far as Uber is concerned, no customer data was compromised during the hack, with the breach targeting invoice management tools and content from Slack channels.
In a new update about the fiasco, Uber believes the attack happened after the hacker purchased a corporate password on the dark web from a personal device that was infected with malware. Even though 2-factor authentication was activated, the contractor inexplicably allowed a login approval request, which granted entry to the account.
Since the data breach, the company has forced all users to change their login credentials and is adamant that any public-facing financial data or personal information remains secure.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
“First and foremost, we’ve not seen that the attacker accessed the production (i.e. public-facing) systems that power our apps; any user accounts; or the databases we use to store sensitive user information, like credit card numbers, user bank account info, or trip history. We also encrypt credit card information and personal health data, offering a further layer of protection,” says Uber in an official statement.
To add to the embarrassment, Uber admits that the hacker accessed the company’s dashboard portal at HackerOne, where researchers report security bugs and vulnerabilities. In addition to law enforcement, Uber is now working alongside leading digital forensics teams to get to the bottom of the breach.
News
Lebanon Ministers Meet Visa Over National Digital Payment Platform
Finance and technology ministers say a comparative study and roadmap will follow before any decision on adopting a model.
Lebanon’s finance and technology ministers met representatives from Visa last week to discuss a proposed unified national digital payment platform for government services, according to a readout from the Ministry of Finance.
The meeting brought together Finance Minister Yassin Jaber, Minister of State for Technology and Artificial Intelligence Kamal Shehadeh, a Visa delegation, and experts from both ministries. Discussion focused on whether Lebanon could establish a single platform through which citizens and institutions would pay taxes, fees, fines and other official transactions electronically, using mobile phones and other digital channels.
The Visa delegation presented examples from countries that have adopted unified government payment platforms, including the United Arab Emirates, Singapore, Estonia and Jordan. According to the readout, the examples were presented as having increased collection rates and expanded financial inclusion.
Talks covered settlement mechanisms, direct transfer to the treasury account, financial reconciliation, risk management, cybersecurity, fees, and an operational model that would involve the private sector. The parties agreed to continue technical and institutional consultations, prepare a comparative study, and develop an implementation roadmap before any decision on adopting a model for Lebanon.
Jaber said the Ministry of Finance had already enabled citizens to pay using credit cards and e-wallets through transfer companies, but described the proposed platform as a further step. He framed the development of electronic payment and collection systems as a priority within the ministry’s modernization plan.
Also Read: Deezer Says AI Tracks Now Make Up 44% Of Uploads
Shehadeh outlined the citizen-facing concept as a single mobile application through which users could settle obligations to ministries, government institutions and other bodies.
“The idea, in short, is that any citizen downloads an application on their mobile phone, through which they can pay all service obligations for all ministries, government institutions, or those owned by the Lebanese state, and others as well, as the platform is not limited only to state institutions,” he said.
Shehadeh added that the platform would not displace banks and money transfer companies that currently provide collection services to the state, calling it complementary to their work.
Lebanon Ministers Meet Visa Over National Digital Payment Platform
AltoVolo Releases Sigma Footage & Sets Date For Demonstrator
Careem Launches Lebanon Aid Drive With WFP
United Arab Emirates To Quit OPEC After 59 Years
YouTube Tests Conversational AI Search Tool
Yango Ride Introduces In-Chat Trip Planning In ChatGPT
Deezer Says AI Tracks Now Make Up 44% Of Uploads
NVIDIA Puts GPT-5.5 Codex In Hands Of 10,000 Staff
United Arab Emirates To Quit OPEC After 59 Years
