Logo

Logo

Lapsus$ hackers broke into our internal systems, reveals Uber

In December 2021, Lapsus$ launched a ransomware attack against the Brazilian Ministry of Health, compromising millions of vaccination records.

Lapsus$ hackers broke into our internal systems, reveals Uber

(Photo: IANS)

The infamous In December 2021, Lapsus$ launched a ransomware attack against the Brazilian Ministry of Health, compromising millions of vaccination records. organisation is to blame for the cyber attack on Uber’s internal systems last week, according to the multinational ride-hailing company.

The business emphasised that no user or customer information was stolen in the attack.

Advertisement

“We believe that this attacker (or attackers) are affiliated with a hacking group called Lapsus$, which has been increasingly active over the last year or so,” Uber said in an update.

Advertisement

This group typically uses similar techniques to target technology companies, and this year breached Microsoft, Cisco, Samsung, Nvidia and Okta, among others.

“There are also reports that this same actor breached video game maker Rockstar Games. We are in close coordination with the FBI and the US Department of Justice on this matter and will continue to support their efforts,” Uber added.

The attacker accessed several internal systems at Uber.

The company said it did not see that the attacker accessed the production (public-facing) systems that power its apps; any user accounts; or the databases it uses to store sensitive user information, like credit card numbers, user bank account info, or trip history.

“We reviewed our codebase and have not found that the attacker made any changes. We also have not found that the attacker accessed any customer or user data stored by our cloud providers,” said Uber.

It does appear that the attacker downloaded some internal Slack messages, according to Uber, as well as accessed or downloaded information from an internal tool “our finance team uses to manage some invoices”.

“We are currently analysing those downloads”.

The attacker was able to access the Uber dashboard at HackerOne, where security researchers report bugs and vulnerabilities.

“However, any bug reports the attacker was able to access have been remediated,” Uber added.

In December 2021, Lapsus$ launched a ransomware attack against the Brazilian Ministry of Health, compromising millions of vaccination records.

The UK Police detained a number of the group’s members earlier this year, the most of them were minors.

(inputs from IANS)

Advertisement