An 18-year-old hacked Uber and bragged about it in The New York Times
September 19, 2022
The hacker’s story was published by The New York Times, to which he independently sent proof of his attack. In addition to journalists, security researchers also received material.
Attack on Uber
“I declare that I am a hacker and that Uber suffered a data breach,” said the message in the corporate Slack messenger.
The anonymous attacker used social engineering, not technical or software vulnerabilities in Uber’s systems. Social engineering is a set of actions based mainly on psychology and observation of human behavior, aimed at gaining the victim’s trust and getting them to voluntarily give up their data.
He gained initial access to the internal network by contacting an Uber employee via WhatsApp. Somehow, the hacker got hold of the employee’s phone number and then convinced him to go to a fake Uber site, which captured the credentials he entered in real time and used them to log into the real site.
Uber has installed multi-factor authentication in the form of an app that requires you to press a button on your smartphone to log in. The employee pressed the button without suspecting anything.
After that, the culprit discovered PowerShell scripts, registered by the administrator, that automate the login process to various network resources.
The company responded by shutting down part of its internal network.
It is not yet clear what data the hacker has accessed. It is also unknown whether he managed to copy something or pass it on to others.
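A defender's view of the phishing and push-approval steps described above, as an added example that is not part of the original article: it pairs each password submission with its push approval and flags logins whose source IP is new for the user and sits in a different country than the approving phone. The log format, field names and sample lines are constructed assumptions, not Uber's or any vendor's schema.

```python
# Constructed sample log (key=value lines); the schema is hypothetical.
SAMPLE_LOG = """\
t=1 user=alice event=password_ok src_ip=198.51.100.7 src_country=US req=r1
t=2 user=alice event=push_approved device_country=US req=r1
t=3 user=alice event=password_ok src_ip=203.0.113.50 src_country=NL req=r2
t=4 user=alice event=push_approved device_country=US req=r2
t=5 user=bob event=password_ok src_ip=198.51.100.9 src_country=US req=r3
t=6 user=bob event=push_denied device_country=US req=r3
"""


def parse(line):
    """Turn 'k=v k=v ...' into a dict."""
    return dict(kv.split("=", 1) for kv in line.split())


def find_relayed_logins(log_text):
    """Return (user, req, src_ip) for approved push logins that look relayed.

    A login is flagged when the password came from an IP with no previously
    accepted login for that user AND that IP's country differs from the
    country of the phone that approved the push.
    """
    seen = {}     # user -> source IPs of previously accepted logins
    pending = {}  # request id -> password_ok event awaiting its push result
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ev = parse(line)
        if ev["event"] == "password_ok":
            pending[ev["req"]] = ev
        elif ev["event"] in ("push_approved", "push_denied"):
            login = pending.pop(ev["req"], None)
            if login is None or ev["event"] == "push_denied":
                continue  # orphan push result, or the user refused the prompt
            known = seen.setdefault(login["user"], set())
            new_source = login["src_ip"] not in known
            mismatch = login["src_country"] != ev["device_country"]
            if new_source and mismatch:
                alerts.append((login["user"], login["req"], login["src_ip"]))
            else:
                known.add(login["src_ip"])  # accepted login extends the baseline
    return alerts


if __name__ == "__main__":
    for alert in find_relayed_logins(SAMPLE_LOG):
        print("possible relayed login:", alert)
```

A country mismatch also occurs with VPNs and travel, so treat a hit as a triage signal to review the session, not as proof of compromise.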
What is known about the hacker
He claims to be 18 years old.
He complained on Slack channels that Uber drivers were underpaid; this could be a reference to his own work at the company or to that of one of his relatives, friends or acquaintances.
The fact that the attacker took no steps to conceal his actions indicates that he was not motivated by financial gain from ransomware, extortion or espionage.
John Wilkes is a seasoned journalist and author at Div Bracket. He specializes in covering trending news across a wide range of topics, from politics to entertainment and everything in between.