Uber has been hacked

September 22, 2022

A comment by Danielle Jablanski, OT cybersecurity strategist at Nozomi Networks

On 16.09. it was announced that the ride service provider Uber has been the victim of a cyber attack. The attacker was an 18-year-old who was able to obtain the access data of employees using the simplest social engineering techniques. This incident shows that even large, globally active companies are not always exemplarily secured against commonly used attack techniques.

The timing is interesting from a political point of view, even if the motivation seems to be unrelated to the trial according to the news shared. Regardless of the outcome of the trial, it is alarming that an individual was apparently able to gain such widespread access using known social engineering techniques to access an internal corporate VPN. This is a typical teaching example that security experts use to explain to people what damage unauthorised access can really do. This awareness is important to promote better security practices. We always cover such hypothetical situations or report incidents we have seen in practice, but we also advocate responsible disclosure. It does not make a good impression to publicly try to embarrass a company by doing something illegal. 

Related Articles

Rohde & Schwarz at International Security Expo 2024

Rohde & Schwarz at International Security Expo 2024

Loss Prevention and a safe Critical Infrastructure with Advanced Scanning Technology Rohde & Schwarz participates in the annual International Security Expo, taking place in London, from September 24-25, 2024. At booth D30 in the Olympia main hall Rohde &...

Share This