Uber Technologies Inc. has shut down internal Slack messaging as it investigates a cybersecurity breach by a hacker claiming to have accessed sensitive company data.
Employees (on 15 September 2022) received a Slack message from an unknown person claiming “I am a hacker,” according to one person with knowledge of the matter. The perpetrator co-opted a staff member’s account and claimed to have gained access also to internal databases, the person said. The cyberattacker was an 18-year-old who managed to infiltrate a plethora of internal systems, providing snapshots of emails and code repositories to prove his exploits, the New York Times reported.
The company, which said on Twitter its contacted law enforcement, froze all Slack communications while it investigates the hacker’s claims. Uber’s ride-hailing and food delivery services appeared to be operating normally across the world, the people said.
Uber has run afoul of hackers before. It paid $148 million to settle claims related to a large-scale data breach that exposed the personal information of more than 25 million of its US users in 2016. The New York Times reported the latest hack earlier on Thursday.