{"id":264,"date":"2022-09-18T22:58:53","date_gmt":"2022-09-18T22:58:53","guid":{"rendered":"https:\/\/middletontech.com\/blog\/?p=264"},"modified":"2022-09-18T23:32:56","modified_gmt":"2022-09-18T23:32:56","slug":"uber-hacked-again","status":"publish","type":"post","link":"https:\/\/middletontech.com\/blog\/resources\/uber-hacked-again\/","title":{"rendered":"Uber hacked? Again?"},"content":{"rendered":"\n[et_pb_section fb_built=&#8221;1&#8243; _builder_version=&#8221;4.16&#8243; global_colors_info=&#8221;{}&#8221;][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_image src=&#8221;https:\/\/middletontech.com\/blog\/wp-content\/uploads\/2022\/09\/hacked.jpeg&#8221; _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; title_text=&#8221;hacked&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.16&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;][et_pb_column type=&#8221;4_4&#8243; _builder_version=&#8221;4.16&#8243; custom_padding=&#8221;|||&#8221; global_colors_info=&#8221;{}&#8221; custom_padding__hover=&#8221;|||&#8221;][et_pb_text _builder_version=&#8221;4.18.0&#8243; background_size=&#8221;initial&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; hover_enabled=&#8221;0&#8243; global_colors_info=&#8221;{}&#8221; sticky_enabled=&#8221;0&#8243;]<p><!-- divi:paragraph -->Uber confirmed on Thursday, September 15th, 2022 that it was investigating a possible data breach after a hacker claimed that they had compromised Ubers internal &amp; external networks. A message posted on Ubers internal communications system by an anonymous hacker told employees &#8220;I announce I am a hacker and Uber has suffered a data breach.&#8221;<\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_code _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-6968169332234601\"<!-- [et_pb_line_break_holder] -->     crossorigin=\"anonymous\"><\/script><!-- [et_pb_line_break_holder] --><ins class=\"adsbygoogle\"<!-- [et_pb_line_break_holder] -->     style=&#8221;display:block; text-align:center;&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-layout=&#8221;in-article&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-format=&#8221;fluid&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-client=&#8221;ca-pub-6968169332234601&#8243;<!-- [et_pb_line_break_holder] -->     data-ad-slot=&#8221;9456214279&#8243;><\/ins><!-- [et_pb_line_break_holder] --><script><!-- [et_pb_line_break_holder] -->     (adsbygoogle = window.adsbygoogle || []).push({});<!-- [et_pb_line_break_holder] --><\/script>[\/et_pb_code][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; column_structure=&#8221;1_2,1_2&#8243; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;1_2&#8243;][et_pb_code _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<blockquote class=\"twitter-tweet\"><pee lang=\"en\" dir=\"ltr\">We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.<\/pee>&mdash; Uber Comms (@Uber_Comms) <a href=\"https:\/\/twitter.com\/Uber_Comms\/status\/1570584747071639552?ref_src=twsrc%5Etfw\">September 16, 2022<\/a><\/blockquote> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>[\/et_pb_code][\/et_pb_column][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;1_2&#8243;][et_pb_code _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<blockquote class=\"twitter-tweet\"><pee lang=\"en\" dir=\"ltr\">Honestly kind of a classy way to hack someone \ud83d\ude02\ud83d\ude02\ud83d\ude02<a href=\"https:\/\/twitter.com\/Uber?ref_src=twsrc%5Etfw\">@Uber<\/a> <a href=\"https:\/\/t.co\/fFUA5xb3wv\">pic.twitter.com\/fFUA5xb3wv<\/a><\/pee>&mdash; Colton (@ColtonSeal) <a href=\"https:\/\/twitter.com\/ColtonSeal\/status\/1570596125924794368?ref_src=twsrc%5Etfw\">September 16, 2022<\/a><\/blockquote> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>[\/et_pb_code][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_text _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<p>According to an article from the <span style=\"text-decoration: underline;\"><a href=\"https:\/\/www.nytimes.com\/2022\/09\/15\/technology\/uber-hacking-breach.html\">New York Times,<\/a><\/span> an unidentified hacker successfully used WhatsApp and a fake Uber site to trick an Uber employee into giving out their username and password to the Uber system. The hacker managed to get ahold of an Uber employees WhatsApp number and pretended to be a corporate IT person, asking the employee to log into a fake Uber site via a direct link. Once the Uber employee logged into the fake site, the individual then captured the credentials in real time and used those credentials to log into the real Uber site as well as create their own two factor authenticator so they would have permanent access.<a href=\"https:\/\/www.nytimes.com\/2022\/09\/15\/technology\/uber-hacking-breach.html\"><\/a><\/p>\n<p>After gaining access to the internal Uber system the individual then scanned the system and found a powershell script that contained the username and password for an admin user account, using those credentials they alleged they were able to gain access to all Uber services, DA, DUO, OneLogin, ASW &amp; GSuite.<\/p>\n<p>This also gained the user access to internal messaging tools such as Slack, which was used to post a message that Uber had been compromised and that drivers should have higher pay. This caused Uber to suspend the use of all internal tools until they they could investigate further.<\/p>\n<p>It hasn&#8217;t been confirmed by Uber exactly what access the individual had in the system or that any critical data was compromised, but it appears a person claiming responsibility for the hack sent images of emails, cloud storage details and code respositories to cybersecurity researchers and The New York Times. A quick search on Twitter for Uber hack and it was easy to see these images as well. The individual responsible told the Times that he broke into Uber&#8217;s system because the company had weak security.<\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_code _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<blockquote class=\"twitter-tweet\"><pee lang=\"zxx\" dir=\"ltr\"><a href=\"https:\/\/t.co\/BwzpviHxmR\">pic.twitter.com\/BwzpviHxmR<\/a><\/pee>&mdash; Uber Comms (@Uber_Comms) <a href=\"https:\/\/twitter.com\/Uber_Comms\/status\/1570829232246509569?ref_src=twsrc%5Etfw\">September 16, 2022<\/a><\/blockquote> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>[\/et_pb_code][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_text _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<h3><strong>So what should you do?<\/strong><\/h3>\n<p>This is a nightmare for everyone, not just Uber but also Uber customers, drivers and restaurants. If the hack was true and the information was accessed and the hacker had access to the Uber databases your email, phone number, address or whole Uber accounts could have been compromised as well.<\/p>\n<p>The best thing to do anytime you hear about a company getting hacked is to change all your passwords that are the same as the one you use with that company and enable 2-step verification if the system allows for it. Keep an eye on your credit reports, credit cards and bank accounts for any suspicious activity. Never give out your passwords over the phone, via text or email. If you get an email from a company that ask you to log into their site &amp; you did not try to log in already, make sure you go to that companies site by directly typing the URL into a browser instead of clicking links in the email.<\/p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221;][et_pb_column _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; type=&#8221;4_4&#8243;][et_pb_code _builder_version=&#8221;4.18.0&#8243; _module_preset=&#8221;default&#8221; hover_enabled=&#8221;0&#8243; sticky_enabled=&#8221;0&#8243;]<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-6968169332234601\"<!-- [et_pb_line_break_holder] -->     crossorigin=\"anonymous\"><\/script><!-- [et_pb_line_break_holder] --><ins class=\"adsbygoogle\"<!-- [et_pb_line_break_holder] -->     style=&#8221;display:block; text-align:center;&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-layout=&#8221;in-article&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-format=&#8221;fluid&#8221;<!-- [et_pb_line_break_holder] -->     data-ad-client=&#8221;ca-pub-6968169332234601&#8243;<!-- [et_pb_line_break_holder] -->     data-ad-slot=&#8221;9456214279&#8243;><\/ins><!-- [et_pb_line_break_holder] --><script><!-- [et_pb_line_break_holder] -->     (adsbygoogle = window.adsbygoogle || []).push({});<!-- [et_pb_line_break_holder] --><\/script>[\/et_pb_code][\/et_pb_column][\/et_pb_row][\/et_pb_section]\n","protected":false},"excerpt":{"rendered":"<p>Uber confirmed on Thursday, September 15th, 2022 that it was investigating a possible data breach after a hacker claimed that they had compromised Ubers internal &amp; external networks. A message posted on Ubers internal communications system by an anonymous hacker told employees &#8220;I announce I am a hacker and Uber has suffered a data breach.&#8221;According [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":285,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"<!-- wp:paragraph -->\n<p>Did you hear? Uber confirmed on Thursday, September 15th, 2022 that it was investigating a possible data breach after a hacker claimed that it has comprised Ubers internal network. A message posted on Ubers internal communications system by an anonymous hacker told employees \"I announce I am a hacker and Uber has suffered a data breach.\" Jeff Chiu\/Associated Press<\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:paragraph -->\n<p><\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:html -->\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-6968169332234601\"\n     crossorigin=\"anonymous\"><\/script>\n<ins class=\"adsbygoogle\"\n     style=\"display:block; text-align:center;\"\n     data-ad-layout=\"in-article\"\n     data-ad-format=\"fluid\"\n     data-ad-client=\"ca-pub-6968169332234601\"\n     data-ad-slot=\"9456214279\"><\/ins>\n<script>\n     (adsbygoogle = window.adsbygoogle || []).push({});\n<\/script>\n<!-- \/wp:html -->\n\n<!-- wp:paragraph -->\n<p><\/p>\n<!-- \/wp:paragraph -->\n\n<!-- wp:html -->\n<blockquote class=\"twitter-tweet\"><p lang=\"en\" dir=\"ltr\">We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.<\/p>&mdash; Uber Comms (@Uber_Comms) <a href=\"https:\/\/twitter.com\/Uber_Comms\/status\/1570584747071639552?ref_src=twsrc%5Etfw\">September 16, 2022<\/a><\/blockquote> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<!-- \/wp:html -->","_et_gb_content_width":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[24],"tags":[36,39,12,11,20,35,37,38],"class_list":["post-264","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-resources","tag-hacking","tag-hacking-uber","tag-uber","tag-uber-driver","tag-uber-eats","tag-uber-hacked","tag-uber-was-hacked","tag-was-uber-hacked","et-has-post-format-content","et_post_format-et-post-format-standard"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/posts\/264","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/comments?post=264"}],"version-history":[{"count":18,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/posts\/264\/revisions"}],"predecessor-version":[{"id":291,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/posts\/264\/revisions\/291"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/media\/285"}],"wp:attachment":[{"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/media?parent=264"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/categories?post=264"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/middletontech.com\/blog\/wp-json\/wp\/v2\/tags?post=264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}