Skip to main content

Uber says it’s investigating ‘cybersecurity incident’

Computer systems belonging to ridesharing giant Uber appear to have been targeted by hackers in what could be a serious security breach. The company reported on Thursday evening that it had contacted law enforcement after learning of what it described as a “cybersecurity incident.”

In a tweet posted at about 9:30 p.m. ET, Uber said: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”

Related Videos

We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.

— Uber Comms (@Uber_Comms) September 16, 2022

A New York Times report said that as soon as Uber learned of Thursday’s breach, the company took a number of its internal computer systems offline while it tried to determine exactly what had happened.

According to the NYT, workers at Uber offices received a message via the company’s internal messaging system with the ominous notice: “I announce I am a hacker and Uber has suffered a data breach.”

The hacker then named a number of internal databases that they claimed to have compromised. The message was reportedly sent from an Uber employee’s account that the hacker had managed to access.

Two workers with knowledge of the incident told the NYT that they were ordered by management to stop using the messaging software, reportedly the popular platform Slack. They also found that they were unable to gain access to other internal systems operated by Uber.

Uber has yet to offer any details about the cybersecurity incident, but it’s expected to do so once it’s completed its initial investigation.

With the company holding the personal data of a huge number of riders and drivers, there will be concerns that the hacker has managed to steal much of this information.

The incident comes six years after Uber suffered a serious data breach that saw hackers nab data linked to 57 million users, including 7 million drivers.

The ridesharing company was heavily criticized for how it handled the incident after it emerged that it had kept the hack secret for more than a year. Even more concerning, under its former CEO Travis Kalanick, Uber tried to cover up the incident by offering the hacker $100,000 to destroy the stolen data.

Hackers also targeted Uber in September 2014, stealing information on 50,000 drivers and their cars. The company didn’t tell anyone about the breach until five months later.

This time, however, Uber appears keen to show that it has changed its ways, quickly tweeting about the incident soon after it learned about it. Still, that will be cold comfort for its riders and drivers if it emerges that their data has been stolen.

Uber offered this update on Saturday, September 17:

“We have no evidence that the incident involved access to sensitive user data (like trip history). All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational. As we shared yesterday, we have notified law enforcement. Internal software tools that we took down as a precaution yesterday are coming back online this morning.”

It added that its investigation and response efforts are ongoing.

Editors' Recommendations

These Android apps are spying on you — and there’s no easy way to stop them
Illustration of a giant eye stalking through a phone

Android’s security woes need no introduction, but another threat that hasn’t received its fair share of awareness relates to spyware and stalkerware apps. These apps can secretly be installed on a victim’s phone to monitor their activity and can be exploited to harass victims of domestic abuse and engage in online stalking. All someone needs is physical access to the victim's phone to install these apps, which is not too difficult in cases of domestic abuse.

Call it an app-fueled version of AirTag stalking, but on steroids, because these spyware apps can steal everything including messages, call logs, emails, photos, and videos. Some can even activate the microphone and the camera, and secretly transfer these recordings to a remote server where the abuser can access it. Since Google Play's policies don't allow stalking apps, these apps are sold via third-party websites and need to be sideloaded.

Read more
How Microsoft 365 Copilot unleashes ChatGPT from its restraints
Copilot in Microsoft Word generating results.

Thanks to ChatGPT, natural language AI has taken the world by storm. But so far, it's felt boxed in. With these chatbots, everything happens in one window, with one search bar to type into.

We've always known these large language models could do far more, though, and it was only a matter of time until that potential was unlocked. Microsoft has just announced Copilot, its own integration of ChatGPT into all its Microsoft 365 apps, including Word, PowerPoint, Outlook, Teams, and more. And finally, we're seeing the way generative AI is going to be used more commonly in the future -- and it's not necessarily as a straightforward chatbot.
Bringing natural language into apps

Read more
PowerPoint will use ChatGPT to create entire slideshows for you
Microsoft Copilot creating a PowerPoint presentation for a user.

Microsoft has revealed its thoughts on how artificial intelligence (AI) could shape how we work in the years to come -- and how it plans to help guide those changes. The announcement was made by Microsoft’s Satya Nadella and Jared Spataro at a company event titled The Future of Work with AI.

As the name suggests, the show was focused on how artificial intelligence (AI) could affect how we work, both now and in the future. More specifically, the tech giant discussed how it will add AI smarts into its suite of Office apps.

Read more