Uber, four days after suffering a substantial cybersecurity breach, has admitted its attacker accessed "several internal systems" including the corporation's G Suite account, and downloaded internal Slack messages and a tool used by its finance department to manage "some" invoices.
The rideshare and food-delivery app believes someone affiliated with the Lapsus$ gang was behind the intrusion.
In a security update posted Monday, Uber confirmed the intruder accessed its HackerOne bug bounty dashboard. "However, any bug reports the attacker was able to access have been remediated," it claimed.
Uber also said it believes the person who compromised Rockstar Games and stole confidential data for Grand Theft Auto 6 was the same person who compromised its own network.
It was earlier speculated by an administrator of a cyber-crime forum over the weekend that the person behind the Uber intrusion also stole the GTA 6 source code from Rockstar Games, and that they were involved with Lapsus$.
Since the Uber breach, which happened last Thursday, the app maker has been reticent to provide much (if any) details about what any data was stolen, leaving users scrambling to put the pieces together from security researchers' tweets and media reports.
It appeared from leaked screenshots that the intruder got into Uber's AWS account, SentinelOne security dashboard, VMware vSphere control panel, and other critical parts of its IT infrastructure. It was also said that the miscreant got access to private source code repositories, internal documents, and ..
Support the originator by clicking the read the rest link below.
