What Happened to Uber? Cybersecurity Hack Under Investigation
A hacker made their way into Uber's internal software by way of an employee. Here’s what to know about the Uber hack. How much data is at risk?
Sept. 16 2022, Published 10:57 a.m. ET
A hacker made their way into the internal database of Uber Technologies Inc. (UBER) by way of an employee’s Slack account. It isn't clear how much data is at risk, but the "cybersecurity incident" (as Uber calls it) led to a sharp drop in shareholder sentiment on Friday, Sept. 16.
Here’s what to know about the Uber hack, including what’s at risk as the rideshare company continues to investigate.
Uber announced that it experienced a "cybersecurity incident."
Uber’s communications account on Twitter (@Uber_Comms) wrote on Thursday night, “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”
This isn't the first time Uber has fallen victim to a hack. In 2016, a hacker compromised data from 57 million drivers and customers. The company’s former security chief Joseph Sullivan is currently standing trial for an alleged cover-up.
While the breadth and severity of the current hack remains unclear, it’s natural for people to be nervous given Uber’s freckled cybersecurity history.
The Uber hack is a product of social engineering.
The hacker reportedly made its way into Uber’s internal system via an employee’s Slack account. Slack is a messaging platform many companies use for internal communications.
The hacker reportedly posted a message on Slack, “I announce I am a hacker and Uber has suffered a data breach.” Due to the hack, Uber’s Slack workspace is currently disabled.
The hacker could have access to user data, but also corporate financial data and possibly even Uber’s source code. However, the extent of what the hacker has been able to access remains vague.
The hacker utilized social engineering, a subtype of hacking relying on human interaction and psychological manipulation to secure access to information and systems. Ian McShane, vice president of strategy at cybersecurity company Arctic Wolf, told reporters, “It’s proof once again that often the weakest link in your security defenses is the human.”
This weakness could be a big problem for Uber. The company is still trying to rebuild its image years after ditching founder and former CEO Travis Kalanick. From disability lawsuits to claims of global monopolization, Uber hasn't had a shortage of messes to clean up. Given the current situation, it seems Kalanick isn't all to blame, and that Uber itself has some reckoning to do for its own sake.
UBER stock falterred upon news of the hack.
UBER stock fell 6.58 percent overnight on Friday morning upon word of the hack. The shares recovered nearly 2.5 percent by mid-morning, but the general sentiment remains skeptical as the company has yet to divulge details of the hack. The downtrend adds to 28.99 percent losses YTD, most of which occurred during the early part of the year, but UBER stock is still trading at nearly half of its all-time high.
With a hack that’s currently being investigated, the company will need to work harder to recuperate what it has lost from its market capitalization.