Uber Hacker May Have Compromised Secret Bug Reports
Uber has reportedly been breached again after a threat actor claimed to have accessed its email and cloud systems as well as its internal Slack account and HackerOne tickets. The attack was announced last week and could have major effects on the ride-share company. The hacker allegedly sent screenshots to news outlets and security companies to prove they had access to various internal corporate IT systems belonging to Uber. Initial access was achieved after the attacker impersonated a member of Uber’s IT department and sent a text to an employee requesting their password.
Yuga Labs staff security engineer Sam Curry has been interacting with both the hacker and Uber employees. Curry stated that sensitive vulnerability reports stored on the company’s HackerOne account appear to have been compromised. Because an unknown actor has accessed an Uber employee’s HackerOne account and is commenting on all of the tickets, they can likely view the sensitive information. This could be dangerous if the individual seeks to monetize the bugs, sell information to other attackers, and leverage the flaws that have yet to be fixed or publicly disclosed.

The news of Uber’s breach comes just one week after the start of a landmark court case in which former Uber chief security officer Joe Sullivan faces charges for failing to properly disclose a data breach that occurred in 2016 and affected 57 million users.