Note

Uber says hacker group Lapsus$ behind cybersecurity incident

Verified Media
CNN Business
· Views 365

Washington (CNN Business)Uber has linked the cybersecurity incident it disclosed last week to hackers affiliated with the Lapsus$ gang, a group accused of numerous high-profile corporate data breaches. The company also said the attackers were able to download or access company Slack messages and invoice-related data from an internal tool.

In a blog post on Monday, Uber (UBER) said the attackers first gained access to the company's systems when they successfully convinced a contractor to grant a multi-factor authentication challenge. The contractor's network password had likely been obtained separately on a dark web marketplace, Uber said.
"From there, the attacker accessed several other employee accounts which ultimately gave the attacker elevated permissions to a number of tools, including G-Suite and Slack," the blog post said. "The attacker then posted a message to a company-wide Slack channel, which many of you saw, and reconfigured Uber's OpenDNS to display a graphic image to employees on some internal sites."
    The attacker did not access user-facing systems, user accounts, databases containing personal information or the code that powers Uber's products, the company said. But it added the investigation is continuing in coordination with law enforcement and multiple cybersecurity firms.
      The blog post marks the first time Uber has publicly attributed the incident to the Lapsus$ gang, which targeted Microsoft earlier this year and is also accused of attacking Nvidia, Okta and other companies.
      Read More
      Uber added that in response to the breach, it is strengthening its multifactor authentication policies and has reset employee access to internal tools.

      Reprinted from CNN,the copyright all reserved by the original author.

      Disclaimer: The content above represents only the views of the author or guest. It does not represent any views or positions of FOLLOWME and does not mean that FOLLOWME agrees with its statement or description, nor does it constitute any investment advice. For all actions taken by visitors based on information provided by the FOLLOWME community, the community does not assume any form of liability unless otherwise expressly promised in writing.

      FOLLOWME Trading Community Website: https://www.followme.com

      If you like, reward to support.
      avatar

      Hot

      No comment on record. Start new comment.

      Content related

      CNN Business
      Verified Media
      CNN Business
      Posts 2,691 Followers 1,389
      View the latest business news around the world, and explore articles on global markets, finance, tech, and the innovations driving us forward.
      MSFT
      MSFT
      96 Followers