Uber has blamed the Lapsus$ hacking group for the recent cyber attack which led to the shutting down of its internal operations.
The hack, which was discovered last Thursday, forced the company to take several of its internal systems offline, including Slack, Amazon Web Services, and Google Cloud Platform.
Uber confirmed that the hacker downloaded some internal Slack messages as well as information from an internal tool used by the company’s finance team to manage invoices. “We are currently analyzing those downloads,” the company said in a statement.
Lapsus$ is a hacking group known for waging a ransomware attack against the Brazilian Ministry of Health in December 2021, compromising the COVID-19 vaccination data of millions within the country.
Uber, giving the latest update on the hack, wrote, “While our investigation is still ongoing, we are providing an update on our response to last week’s security incident.
“We believe that this attacker (or attackers) are affiliated with a hacking group called Lapsus$, which has been increasingly active over the last year or so. This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, Nvidia and Okta, among others.
“There are also reports over the weekend that this same actor breached video game maker Rockstar Games. We are in close coordination with the FBI and US Department of Justice on this matter and will continue to support their efforts.”
Speaking on the way forward, Uber said, “We’re working with several leading digital forensics firms as part of the investigation. We will also take this opportunity to continue to strengthen our policies, practices, and technology to further protect Uber against future attacks.”