Slack Account Hacked in Uber Cybersecurity Incident
September 29, 2022

On September 15, 2022, Uber announced that it is investigating a cybersecurity incident following reports that it had been hacked. A hacker had gained control of Uber’s internal systems after compromising the Slack account of an employee. Initial reports indicate that the hacker used social engineering, a tactic by which criminals prey on people’s credulity and inexperience to gain entry to corporate accounts and sensitive data. After compromising Uber’s internal Slack messaging service, the hacker accessed other internal databases, took over Uber’s Amazon Web Services and Google Cloud accounts, and gained access to internal financial data.
Ian McShane, vice president of strategy at cybersecurity firm Arctic Wolf, said, “It’s proof once again that often the weakest link in your security defenses is the human.” News of the attack comes at the same time as Uber’s former security chief, Joe Sullivan, is on trial over a 2016 breach in which the records of 57 million users and drivers were stolen. In 2017, the company acknowledged that it had concealed the attack and the following year paid $148 million in a settlement with 50 U.S. states and Washington, D.C.
Get our free daily newsletter
Subscribe for the latest news and business legal developments.
Read this next
The AI Executive Order’s Impact on the Healthcare Industry
President Biden’s Executive Order on the Safe, Secure, and Trustworthy Development and […]
Cybersecurity Agency Warns About Hacking Collective
The Cybersecurity and Infrastructure Security Agency and the FBI have issued a […]
Data Privacy and Reputation Concerns About Adopting AI
Reputational damage was the greatest source of concern about AI, followed by […]