Uber has been hacked

September 22, 2022

A comment by Danielle Jablanski, OT cybersecurity strategist at Nozomi Networks

On 16.09. it was announced that the ride service provider Uber has been the victim of a cyber attack. The attacker was an 18-year-old who was able to obtain the access data of employees using the simplest social engineering techniques. This incident shows that even large, globally active companies are not always exemplarily secured against commonly used attack techniques.

The timing is interesting from a political point of view, even if the motivation seems to be unrelated to the trial according to the news shared. Regardless of the outcome of the trial, it is alarming that an individual was apparently able to gain such widespread access using known social engineering techniques to access an internal corporate VPN. This is a typical teaching example that security experts use to explain to people what damage unauthorised access can really do. This awareness is important to promote better security practices. We always cover such hypothetical situations or report incidents we have seen in practice, but we also advocate responsible disclosure. It does not make a good impression to publicly try to embarrass a company by doing something illegal. 

Related Articles

DUSgateway – new service for passengers

DUSgateway – new service for passengers

Bookable as of 28 March: Through the security check at Düsseldorf Airport by time slot. Photo: Andreas Wiese / Flughafen Düsseldorf GmbH Security check appointments bookable as of 28 March Travellers can book a time slot for the security check at Düsseldorf Airport...

Bitkom awards 15 new smart schools

Bitkom awards 15 new smart schools

Total network grows to 116 pioneering schools for digital education Green Smart Schools also awarded for digitalisation and sustainability for the first time Digital school and teaching concepts, a fast and reliable digital infrastructure, teachers with digital...

Share This