Uber Just Had a Security Breach (Update: Uber Responds)

It seems like these days, no one is safe from breaches and attacks. The latest service that appears to have fallen victim to a security breach is Uber, as the company reported a “cybersecurity incident” to its users.

Update, 9/16/22: Uber has released another statement on Twitter, saying the company has “no evidence that the incident involved access to sensitive user data (like trip history).” That doesn’t say a lot, and it’s not clear what “sensitive user data” entails besides trip history. The investigation is still ongoing.

After reports began arising of a possible security breach forcing Uber to shut down several internal communication channels and engineering systems, Uber confirmed on Twitter that it was currently responding to a “cybersecurity incident.” The company is working with law enforcement to resolve the situation, and it will post more information about the issue as it becomes available.

As per current reports, a hacker managed to get access to the Slack account of an Uber employee and sent a message to other Uber employees announcing that there has been a data breach. The hacker also reportedly breached other internal systems, as they posted a photo of an internal employee information page. They also appear to have gotten access to an admin account on the app’s AWS and Google Cloud backends.

Right now, there’s no way to know if this incident means some of your account information is compromised. However, just in case, it’s never a bad idea to change your password or lock your debit/credit card if you have one linked. While Uber will likely soon clarify whether it’s something that should worry users and the extent of the issue, precautionary measures are never bad.

Other companies/apps that have been breached in recent days include Samsung, LastPass, DoorDash, and Plex. Uber is just the latest one to join this list.

Source: Uber / Reuters / Marcus Hutchins