Transport giant Uber has blamed a collective known as Lapsus$, which has previously targeted Microsoft and Samsung, for hacking its systems last week in a breach that led to some systems being shut down and staff — including in Australia — being shown a lewd image of male genitalia.
A person purporting to be the Uber hacker this week posted early gameplay footage from the next edition of multibillion-dollar video game franchise Grand Theft Auto, along with messages suggesting an extortion campaign.
Developer Rockstar Games confirmed late on Monday, Australian time, it had suffered a data breach but that it would not affect the development of the title. “We are extremely disappointed to have any details of our next game shared with you in this way,” the company said in a statement posted to social media. A company spokesman declined to answer specific questions.
On Tuesday, Uber also released more details of the hack via its blog. It said the attacker likely bought a stolen password belonging to an Uber contractor on the dark web, a section of the internet only accessible via special tools and often used for illicit purposes. The hacker then logged in and, after repeated attempts, the contractor eventually and unwittingly authenticated the login.
Uber said its investigations showed user data had not been accessed, but conceded some data was obtained.
“It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices,” the company said. “We are currently analysing those downloads.”
“Throughout, we were able to keep all of our public-facing Uber, Uber Eats, and Uber Freight services operational and running smoothly. Because we took down some internal tools, customer support operations were minimally impacted and are now back to normal.”
Uber said the hackers’ methods aligned with Lapsus$, a loose hacking group that has involved teenagers breaching major technology companies to illustrate their skills. As well as Microsoft and Samsung, it has also breached networking company Cisco and graphics card maker Nvidia this year, Uber said.
Some of Uber’s global systems were breached last week, with a post on the internal networking tool Slack from the alleged hacker claiming “confidential data… have also been stolen” from several systems. Staff were presented with an image of a penis when they attempted to log in to one system.