Uber Blames Hack on Crook Linked to Notorious ‘Lapsus$’ Group

Uber CEO Dara Khosrowshahi
Jerod Harris/Getty
Lucas Nolan

Ridesharing giant Uber recently announced that its systems had been infiltrated by a hacker, now the company is claiming that the hacker is affiliated with the Lapsus$ hacking group that made headlines last year after hacking companies including Microsoft and Nvidia.

The Verge reports that Uber claims that a hacker associated with the Lapsus$ hacking group is behind the recent breach of its internal systems. The hack was discovered last Thursday and forced Uber to take multiple internal systems offline including Slack, Amazon Web Services, and Google Cloud Platform.

SAN FRANCISCO, CALIFORNIA - MARCH 22: The Uber logo is displayed on a car on March 22, 2019 in San Francisco, California. Uber Technologies Inc. announced that it has selected the New York Stock Exchange for its much anticipated initial public offering that could be one of the top five IPOs in history. The listing could value the ride sharing company at over $120 billion. (Photo by Justin Sullivan/Getty Images)

SAN FRANCISCO, CALIFORNIA – MARCH 22: The Uber logo is displayed on a car on March 22, 2019 in San Francisco, California. Uber Technologies Inc. announced that it has selected the New York Stock Exchange for its much anticipated initial public offering that could be one of the top five IPOs in history. The listing could value the ride sharing company at over $120 billion. (Photo by Justin Sullivan/Getty Images)

A few days after Uber was hacked, the video game developer Rockstar Games suffered a breach that saw dozens of videos of the upcoming Grand Theft Auto VI game leaked online. The hacker behind the Rockstar Games hack took credit for the Uber hack as well.

Uber confirmed that the hacker downloaded internal Slack messages as well as information from an internal tool used by the company’s finance team. “We are currently analyzing those downloads,” the company said in a statement.

Lapsus$ is a hacking group known for its ransomware attacks, making headlines after the group attacked the Brazilian Ministry of Health in December 2021, compromising the coronavirus vaccination data of millions. The group also targeted a number of high-profile companies including Nvidia, Samsung, Microsoft, and Vodafone. London police arrested several group members earlier this year, all of which were teenagers.

Uber has given more details about the hack, claiming that the attacker likely purchased an Uber contractor’s corporate password on the dark web after the contractor’s devices were infected with malware. “The attacker then repeatedly tried to log in to the contractor’s Uber account,” the company said. “Each time, the contractor received a two-factor login approval request, which initially blocked access. Eventually, however, the contractor accepted one, and the attacker successfully logged in.”

The hacker then accessed other Uber employee accounts, gaining more permissions to multiple internal tools.

Read more at the Verge here.

Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan

COMMENTS

Please let us know if you're having issues with commenting.