Washington (CNN Business)Uber has linked the cybersecurity incident it disclosed last week to hackers affiliated with the Lapsus$ gang, a group accused of numerous high-profile corporate data breaches. The company also said the attackers were able to download or access company Slack messages and invoice-related data from an internal tool.
In a blog post on Monday, Uber (UBER) said the attackers first gained access to the company's systems when they successfully convinced a contractor to grant a multi-factor authentication challenge. The contractor's network password had likely been obtained separately on a dark web marketplace, Uber said.
"From there, the attacker accessed several other employee accounts which ultimately gave the attacker elevated permissions to a number of tools, including G-Suite and Slack," the blog post said. "The attacker then posted a message to a company-wide Slack channel, which many of you saw, and reconfigured Uber's OpenDNS to display a graphic image to employees on some internal sites."
The attacker did not access user-facing systems, user accounts, databases containing personal information or the code that powers Uber's products, the company said. But it added the investigation is continuing in coordination with law enforcement and multiple cybersecurity firms.
The blog post marks the first time Uber has publicly attributed the incident to the Lapsus$ gang, which targeted Microsoft earlier this year and is also accused of attacking Nvidia, Okta and other companies.
Uber added that in response to the breach, it is strengthening its multifactor authentication policies and has reset employee access to internal tools.
作者:Brian Fung,文章来源CNN,版权归原作者所有,如有侵权请联系本人删除。
风险提示:以上内容仅代表作者或嘉宾的观点,不代表 FOLLOWME 的任何观点及立场,且不代表 FOLLOWME 同意其说法或描述,也不构成任何投资建议。对于访问者根据 FOLLOWME 社区提供的信息所做出的一切行为,除非另有明确的书面承诺文件,否则本社区不承担任何形式的责任。
FOLLOWME 交易社区网址: www.followme.asia
喜欢的话,赞赏支持一下
加载失败()