Uber suffered a hacking attack and had to shut down its internal messaging and engineering systems to investigate the incident, The New York Times reported. The publication’s sources reported that employees were ordered not to log into Slack, where an attacker posted a message that read, “I announce I am a hacker and Uber has suffered a data breach” (along with a bunch of emoji), after which the service was shut down. In a tweet confirming the hack, the company said that it was currently responding to a cybersecurity incident and that it was now in contact with law enforcement.
According to The Times, the hacker’s message to Slack also listed the databases they said they were able to break into. In turn, The Washington Post obtained screenshots where the attacker bragged that he was able to collect internal code and message data.
An Uber employee explained that the attacker was able to write a message on the company’s Slack after compromising an employee’s account. He then gained access to other internal Uber systems and posted an explicit photo on an internal page.
The fact that Uber acknowledged the incident and contacted authorities shortly after it took place is significantly different from how the company handled the 2016 data breach. The company hid the attack for a year and, instead of reporting the incident, paid the hackers $100,000 to remove the information they stole.
Uber’s former head of security, Joseph Sullivan, was fired and eventually charged with obstruction of justice for the role he played in hiding the information, though his lawyers argued he was used as a scapegoat. In July of this year, Uber reached a settlement agreement with the Department of Justice for failing to disclose the hacking information.