In the latest update on the cybersecurity attack, Uber Technologies (NYSE:UBER) stated that the attacker (or attackers) affiliated with the Lapsus$ hacking group were responsible for the data breach. The notorious hacking group is known to be involved in cyber attacks on Microsoft (MSFT), Cisco (CSCO), Nvidia (NVDA), Okta (OKTA), and several other entities. Uber further disclosed that it was closely working with the FBI and the US Department of Justice on the data breach matter.
Last week, the ride-hailing company temporarily took down its internal software tools as a precaution following the cybersecurity attack. According to a New York Times report, the hacker gained access to Uber’s internal systems after hacking the Slack account of an employee.
Based on its investigation, Uber stated that it does not appear that the hacker accessed public-facing systems that power its apps or any user accounts, or the databases that it uses to store sensitive user information, including credit card numbers. Also, the attacker did not make any changes to Uber’s codebase and did not access customer data stored by its cloud providers.
However, the attacker downloaded certain internal Slack messages. Also, the attacker accessed or downloaded information from an internal tool, which Uber’s finance team utilizes to handle some invoices.
Uber also revealed that the attacker accessed its dashboard at HackerOne, where “security researchers report bugs and vulnerabilities.” However, the company added that bug reports accessed by the attacker have been remediated.
Is Uber Stock a Buy, Sell, or Hold?
Uber earns the Street’s Strong Buy consensus rating based on 24 Buys and two holds. The average Uber price target of $47.64 implies 51.3% upside potential from current levels.
Conclusion
Uber’s investigation into the recent cyberattack has revealed the role of the Lapsus$ hacking group in the incident. While the attacker did not download sensitive user information, like credit card numbers, other breaches are being revealed by the ongoing investigation.
