Uber blames international hacking collective for major breach

Normal text sizeLarger text sizeVery large text size

Transport giant Uber has blamed a collective known as Lapsus$, which has previously targeted Microsoft and Samsung, for hacking its systems last week in a breach that led to some systems being shut down and staff — including in Australia — being shown a lewd image of male genitalia.

A person purporting to be the Uber hacker this week posted early gameplay footage from the next edition of multibillion-dollar video game franchise Grand Theft Auto, along with messages suggesting an extortion campaign.

The three protagonists and anti-heroes of the most recent Grand Theft Auto game.Credit:Rockstar Games

Developer Rockstar Games confirmed late on Monday, Australian time, it had suffered a data breach but that it would not affect the development of the title. “We are extremely disappointed to have any details of our next game shared with you in this way,” the company said in a statement posted to social media. A company spokesman declined to answer specific questions.

On Tuesday, Uber also released more details of the hack via its blog. It said the attacker likely bought a stolen password belonging to an Uber contractor on the dark web, a section of the internet only accessible via special tools and often used for illicit purposes. The hacker then logged in and, after repeated attempts, the contractor eventually and unwittingly authenticated the login.

Web Search Engine

Uber said its investigations showed user data had not been accessed, but conceded some data was obtained.

"It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices," the company said. "We are currently analysing those downloads."

"Throughout, we were able to keep all of our public-facing Uber, Uber Eats, and Uber Freight services operational and running smoothly. Because we took down some internal tools, customer support operations were minimally impacted and are now back to normal."

Uber said the hackers' methods aligned with Lapsus$, a loose hacking group that has involved teenagers breaching major technology companies to illustrate their skills. As well as Microsoft and Samsung, it has also breached networking company Cisco and graphics card maker Nvidia this year, Uber said.

Some of Uber’s global systems were breached last week, with a post on the internal networking tool Slack from the alleged hacker claiming “confidential data… have also been stolen” from several systems. Staff were presented with an image of a penis when they attempted to log in to one system.

Players in GTA, as it is almost universally known, take on the role of a criminal figure in fictionalised US cities and perform missions to advance a sprawling storyline. Entries in the series, which is up to Grand Theft Auto V and has a major online component, have been controversial for depictions of violence, drugs and sex, but garnered billions in sales.

Posts on a video game forum from the hacker included rough early gameplay footage, code from the game and a request for GTA’s publisher Take-Two to make contact to “negotiate a deal”.

The chief executive of Australian cybersecurity firm Internet 2.0, Robert Potter, said both hacks appeared to make use of “social engineering” in which a hacker manipulates a user with genuine access, rather than using sophisticated malware.

Too many businesses, Potter said, were like M&Ms: “hard on the outside and soft on the inside”, whereas they should be like Swiss cheese, with multiple points of security that would have to fail in alignment to allow an outsider access.

“Uber is pretty good at cyber, they’re not bad,” Potter said. “If your instinct is to stop and laugh, you’re an idiot. You should be checking your own security.”

Many hackers have commercial motives, seeking to blackmail their victims, while others are after industrial intelligence to gain a commercial edge or to advance national objectives.

A series of major Australian businesses have suffered high-profile hacks in recent years, including Nine Entertainment, the owner of this masthead. Parliamentary networks have also come under attack.

In gaming, leaked game content has had a range of consequences. Some publishers have responded aggressively, bringing in lawyers, while others have ramped up publicity campaigns and taken advantage of the free press.

Get news and reviews on technology, gadgets and gaming in our Technology newsletter every Friday. Sign up here.

Nick Bonyhady is the technology editor of the Sydney Morning Herald and The Age, based in Sydney. He is a former industrial relations and politics reporter.Connect via Twitter or email.

Most Viewed in Technology

Create your post! FREE (Why?)

Leave your vote

26 Points
Upvote Downvote


Related Articles

Leave a Reply

Back to top button

Log In

Forgot password?

Don't have an account? Register

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.