Uber apparently hacked by teen, employees thought it was a joke

Skip to main content


‘I think IT would appreciate less memes while they handle the breach’


The Uber logo against a dark background.

Illustration by Alex Castro / The Verge

Uber says it’s investigating a “cybersecurity incident” amidst reports that the company’s internal systems have been breached. The alleged hacker, who claims to be an 18-year old, says they have administrator access to company tools including Amazon Web Services and Google Cloud Platform. The New York Times reports that the ride-hailing business has taken multiple internal systems, including Slack, offline while it investigates the breach.

When contacted for comment by The Verge, a spokesperson for the company declined to answer additional questions, and pointed to its statement on Twitter. “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available,” the statement reads.

The hacker appears to have made themselves known to Uber’s employees by posting a message on the company’s internal Slack system. “I announce I am a hacker and Uber has suffered a data breach,” screenshots of the message circulating on Twitter read. The claimed hacker then listed confidential company information they said they’d accessed, and posted a hashtag saying that Uber underpays its drivers. 

The Slack message from the alleged hacker was so brazen that many Uber employees appear to have initially thought it was a joke, the Washington Post reports. Employee responses to the post included lighthearted emoji like sirens and popcorn, as well as the “it’s happening” GIF. One unnamed Uber employee told Yuga Labs security engineer Sam Curry that staff were interacting with the hacker thinking they were playing a joke.

“Sorry to be a stick in the mud, but I think IT would appreciate less memes while they handle the breach,” one employee’s response read, according to The Post.

The hacker claimed to the NYT to be 18 years old, and told The Post that they breached Uber for fun and is considering leaking the company’s source code. In a conversation with cybersecurity researcher Corben Leo, they also claimed to have gained access to Uber’s systems through login credentials obtained from an employee via social engineering, which allowed them to access an internal company VPN. From there, they found PowerShell scripts on Uber’s intranet containing access management credentials that allowed them to allegedly breach Uber’s AWS and G Suite accounts.

“This is a total compromise, from what it looks like,” Curry told the NYT. “It seems like maybe they’re this kid who got into Uber and doesn’t know what to do with it, and is having the time of his life.”

Some of Uber’s internal systems were hacked.

It sounds like the hacker got access to someone’s Slack account, and then some of Uber’s other internal systems. Lots of details still unknown, but there are some unverified screenshots floating around Twitter that make it sound like the hacker got a lot of access and potentially a lot of data. Uber said it’s working with law enforcement to investigate.

See also  Marvel’s Avengers development is coming to an end

Hear me out: global eSIM domination should look like Windows browser choice.

After hunting for a data plan in Australia this week, I’m excited by Apple’s move to drop the physical SIM tray from the iPhone — it could put pressure on global eSIM adoption. But eSIMs are still pretty clunky since you need to scan a QR code or download a carrier app to activate them. Data is the most important thing on any phone, so shouldn’t it be the easiest thing to shop for? I hope someday clicking “Add Cellular Plan” on the iPhone brings you to a centralized menu of carrier plans that are rated by speed and price.

Amazon is only streaming Thursday Night Football in 1080p, sigh.

This is Amazon’s first season exclusively streaming TNF for Prime subscribers, and I had really been hoping the company would spend the extra money to do it in 4K. Alas, an unnamed spox tells TV Answer Man it’s 1080p, although Sports Video Group has a deep dive on the production truck that says it’s 4K ready. Apple’s MLB games are in 1080p, too. What do we have to do for sports in 4K, people?

LG may be figuring out 6G.

LG successfully sent a Terahertz signal, which could be the basis for 6G communications, over a 1,000-foot distance outdoors. Last year, it was only able to get the signal to go around 330 feet.

Obviously, this tech is a long way off — it’ll be a few years before there are even discussions about 6G standards, and most of us probably won’t be using it until at least 2030.

Welcome to the new Verge

Revolutionizing the media with blog posts

Nilay PatelSep 13

Instagram vs. TikTok in VR.

Meta’s Quest Pro won’t be officially unveiled for another month — unless they leave a few units laying around in a hotel hallway, again. Now Protocol reports Pico (which, like TikTok, is now owned by Chinese tech giant ByteDance) will launch its next VR headset on September 22nd.

Pico’s new headset may share some features with the Quest Pro, like full-color passthrough video for AR, and a better display.

Twitter, but with an edit button.

Twitter really is almost ready to offer users the long-awaited edit button, and already confirmed that after a little more internal testing, some Twitter Blue subscribers will get access later this month.

Per Platformer author and Verge contributing editor Casey Newton, those public tests are planned to start next week, on September 21st.

See also  The NLRB alleges that Apple “discriminated against employees” trying to unionize

Oh and here’s a tiny scoop: Twitter is planning to begin the public test of editing tweets on Wednesday 9/21, per internal documents shared with me

— Casey Newton (@CaseyNewton) September 15, 2022

We love that tattoos hurt, but hear me out: what if they didn’t.

I’m a fan of these cute semi-permanent tattoos created with stickers covered in tiny needles! They seem promising for people who need skin markers for medical procedures. I’m an even bigger fan of an article explaining this while driving home at every possible opportunity how totally cool pain is during a recreational inking experience. It’s a delicate balancing act, and as someone with a freshly healing tattoo, I appreciate it.

YouTube Shorts are driving more than half of the top 50 channels on the platform.

I love TubeFilter’s weekly breakdown of the top 50 most viewed YouTube channels — especially lately, because I keep looking at the percentage of channels that are primarily active on TikTok-clone Shorts. This week, 29 of the top 50 channels worldwide are primarily using Shorts, and a staggering 33 of the top 50 in the US.

The FCC is trying to clean up space junk.

The agency is floating a plan to have low-earth-orbit satellites (like Starlink) get de-orbited within five years of mission completion, instead of 25 years as the rule stands now.

Google’s failed smart city project was just the tip of the iceberg.

Curbed’s Alissa Walker has a great interview with Globe and Mail reporter Josh O’Kane, who’s new book Sideways: The City Google Couldn’t Buy is the definitive account of the failed effort by Sidewalk Labs to build “a city from the internet up.” It’s also an interesting look into the rise and fall of the smart city movement in the 2010s, which presumed that residents would willingly share their own personal data in exchange for city services.

Fuel price protests disrupt internet access in Haiti.

Roads have been blocked across the capital Port-Au-Prince, preventing engineers from fixing damaged cables.

⚠️ Update: Internet access in #Haiti remains significantly disrupted amid fuel price protests with national connectivity at 34% of ordinary levels; operators have identified at least seven optical fiber cuts affecting service this week with repairs made difficult by barricades 📉

— NetBlocks (@netblocks) September 15, 2022

You can remotely rev the 2024 Ford Mustang’s V-8 engine with a key fob.

I’ll take the L on this: back when Ford first filed the patent on a new technology that would allow vehicle owners to rev their engines remotely by using a key fob, I predicted we wouldn’t see it in a production car anytime soon. How wrong I was! “Remote Rev” is coming to the seventh generation pony car next year. Why would anyone want to do this, you might ask? TBD!

Leave a Reply

Your email address will not be published. Required fields are marked *