Connect with us


Uber Blames Lapsus$ Hacking Collective For Data Breach

The hack targeted a Slack channel using a password purchased from the dark web, though the company claims no client data was compromised.



uber blames lapsus$ hacking collective for data breach

Lapsus$ is a collective of hackers famous for ransomware attacks and data theft from huge companies such as Microsoft, Vodafone and Nvidia. Now, the group has successfully targeted ride-sharing giant Uber.

Uber’s systems were breached sometime last week, with employees discovering the hack on Thursday, 15th September. The infiltrator announced their actions on the company’s internal Slack account with a message that read: “I announce I am a hacker and Uber has suffered a data breach.”

Uber claims the hacker is associated with the Lapsus$ group. If that’s true, it means they could also be responsible for a massive data breach of Rockstar Games and its upcoming Grand Theft Auto VI (GTA 6) release, as the attacker announced that they were, in fact, the same person.

As far as Uber is concerned, no customer data was compromised during the hack, with the breach targeting invoice management tools and content from Slack channels.

In a new update about the fiasco, Uber believes the attack happened after the hacker purchased a corporate password on the dark web from a personal device that was infected with malware. Even though 2-factor authentication was activated, the contractor inexplicably allowed a login approval request, which granted entry to the account.

Since the data breach, the company has forced all users to change their login credentials and is adamant that any public-facing financial data or personal information remains secure.

Also Read: DDoS Attacks Are A Growing Threat In Gaming

“First and foremost, we’ve not seen that the attacker accessed the production (i.e. public-facing) systems that power our apps; any user accounts; or the databases we use to store sensitive user information, like credit card numbers, user bank account info, or trip history. We also encrypt credit card information and personal health data, offering a further layer of protection,” says Uber in an official statement.

To add to the embarrassment, Uber admits that the hacker accessed the company’s dashboard portal at HackerOne, where researchers report security bugs and vulnerabilities. In addition to law enforcement, Uber is now working alongside leading digital forensics teams to get to the bottom of the breach.


📢 Get Exclusive Monthly Articles, Updates & Tech Tips Right In Your Inbox!


Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


LEAP 2024 Will Shine A Light On Female Innovators In Technology

Women comprise nearly a third of the event’s speaker lineup alongside a dedicated program of high-level content, investment, and mentorship.



leap 2024 will shine a light on female innovators in technology

LEAP 2024, a premier global technology event, will highlight the achievements of women in the technology sector as it returns for its third edition at the Riyadh Exhibition and Convention Centre in Malham district from March 4 to 7.

Hosted by Tahaluf, a strategic collaboration between Informa PLC, the Events Investment Fund (EIF), and the Saudi Federation for Cybersecurity, Programming, and Drones (SAFCSP), LEAP 2024 will feature a dedicated program titled “Women in Tech”. The program will offer enriching content, investment opportunities, networking sessions, mentorship programs, and a special startup award.

leap 2024 event women in tech

The initiative aims to inspire women to actively participate in the technology industry, aligning with broader diversity efforts. Reflecting the Kingdom’s commitment to equality, the focus on “Women in Tech” coincides with the increasing female participation at LEAP events.

Annabelle Mander, Senior Vice President of Tahaluf, emphasized the event’s commitment to gender inclusivity, stating, “Female representation is across all of LEAP’s features and reflects the event’s mission of driving economic diversification and providing market access to international business. Within Tahaluf itself, half of our team members are women, and women make up half of our SMT, too”.

Also Read: Saudi Arabia Aims For 70% Cashless Transactions By 2025

The “Women in Tech” program will feature distinguished speakers including Nadine Hachach Haram, CEO and Founder of Proximie, and Sahar Albanarna from IMPACTIQUE Bahrain, who explained: “Over 26 million women worldwide with professional experience and degrees are not in the global workplace. This demographic includes a huge pool of untapped talent which technology can help unleash to fuel the co-creation of exponential solutions across multiple sectors. To help women access productive employment, we urge industry leaders to support high-impact female entrepreneurs as a means to boost their economies and accelerate the UN’s sustainable development goals by promoting inclusive and sustainable economic growth”.

The event will also provide a platform for female-led startups and entrepreneurs to pitch for funding and support through various initiatives such as the Women’s Investor Forum, Entrepreneur Mentorship Scheme, and the Aviatrix Award at the Rocket Fuel pitch competition, offering a prize fund of US$150,000.

Continue Reading