A recent cyber attack at Uber reveals that keeping technology safe and secure is as important as taxi drivers getting passengers to their destination safely.
Following the data breach last month, in a bid to reassure staff, drivers and customers that its systems and data are secure, Uber has released details of the hack, what the attackers had access to and how the firm reacted to stop the breach and improve security.
The breach – which is thought to have been carried out by a hacking group that targets technology companies – happened when a driver’s details and password were compromised, giving the hacker access to the company’s systems.
Uber said the hacker accessed several other employee accounts which gave them access to further tools, including the firm’s G-Suite and Slack software.
Uber said: “The attacker then posted a message to a company-wide Slack channel, which many of you saw, and reconfigured Uber’s OpenDNS to display a graphic image to employees on some internal sites.”
Uber said its cyber security team was quickly able to identify compromised and potentially compromised accounts and blocked access or required users to reset passwords. Software that had been accessed was blocked and users had to re-register to regain access to them.
The taxi app stressed that while systems had been accessed by unauthorised third parties, there was no breach relating to personal and sensitive data.
It said : “First and foremost, we’ve not seen that the attacker accessed the production (i.e. public-facing) systems that power our apps; any user accounts; or the databases we use to store sensitive user information, like credit card numbers, user bank account info, or trip history. We also encrypt credit card information and personal health data, offering a further layer of protection.
“We also have not found that the attacker accessed any customer or user data stored by our cloud providers (e.g. AWS S3). It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices. We are currently analyzing those downloads.
The attacker was able to access our dashboard at HackerOne, where security researchers report bugs and vulnerabilities. However, any bug reports the attacker was able to access have been remediated.”
The cyber attack appears to have been limited to the firms taxi operation, similar to the Russian hack last month.
Uber added: “We were able to keep all of our public-facing Uber, Uber Eats, and Uber Freight services operational and running smoothly. Because we took down some internal tools, customer support operations were minimally impacted and are now back to normal. ”
As well as reporting the data breach to the police, Uber has strengthened its policies, practices, and technology to prevent further cyber attacks.
Technology has changed the way taxi firms operate and while it can improve the experience for customers and drivers, taxi firms must be vigilant to keep data secure. Information is big business which is why it is vital that taxi firms of all sizes ensure that their apps, booking and banking systems and customer accounts are updated and protected.
All information is correct at time of publication. Information provided within this article may have changed over time. No responsibility for its accuracy or correctness is assumed by John Patons Insurance Services or any of its employees.