Uber Suffers second major Cybersecurity Data Breach since 2016

We are monitoring this situation and will be updating this post as more information is gathered.  Look for a live stream update as soon as I know more.  I will update this page as I receive updates from our security sources.  Please if you have any comments or concerns, please comment below.  The latest information is at the top of the page.

Update 3:19 PM 09/16/2022

Uber said Friday that all its services are fully operational after what security experts said was a massive breach. Uber said there was no evidence the hacker had access to sensitive user data.

Update 3:22 AM 09/16/20222

Last night (late Thursday afternoon) it became known that Uber had suffered a major cybersecurity breach. The breach has been acknowledged by Uber and an official statement will be released shortly. It was allegedly caused by a social engineering attack on an employee which resulted in the attacker stealing their access credentials.

The New York Times spoke to the hacker who claimed full access to many critical Uber IT systems, including the company’s security software and Windows domain, Amazon Web Services console, VMware ESXi virtual machines and Google Workspace email admin, as well as their Slack channel, to which the hacker posted messages.

image courtesy of BleepingComputer

Bleeping Computer reported the hacker also accessed Uber’s Bug Bounty program and accessed many vulnerabilities that have yet to be fixed.

This is where I would normally say, update your credentials, change your password, enable 2 factor authentication, (which is always sound advice) but I just don’t know what was compromised or what Uber has done to lock out the hacker.

I will send out updates as soon as I learn more. You can also visit our Uber Breach Blog to stay up to date and post your thoughts, comments, and concerns. This breach has the potential to be one of the largest of 2022 and possibly the largest in a while.