Sept 19 (Reuters) - Uber Technologies Inc said on
Monday a hacker affiliated with the Lapsus$ hacking group was
responsible for a cyber attack that forced the ride-hailing
company to shut several internal communications temporarily last
Uber said the attacker had not accessed any user accounts
and the databases that store sensitive user information such as
credit card numbers, bank account or trip details.
"The attacker accessed several internal systems, and our
investigation has focused on determining whether there was any
material impact," Uber said, adding that investigation was still
The company said it was in close coordination with the FBI
and the U.S. Department of Justice on the matter.
Friday's cybersecurity incident had brought down Uber's
internal communication system for a while and employees were
restricted to use Salesforce-owned office messaging app Slack.
Uber said the attacker logged in to a contractor's Uber
account after they accepted a two-factor login approval request
following multiple requests, giving the hacker access to several
employee accounts and tools such as G-Suite and Slack.
The hacking group, Lapsus$, has targeted firms including
Nvidia, Microsoft Corp and Okta Inc,
an authentication services company relied on by thousands of
Lapsus$ could not be immediately reached for comment.
The hacker, who goes by the name "teapotuberhacker," also
reportedly claimed to leak early gameplay footage of Take-Two
Interactive Software Inc's muck-awaited game "Grand Theft Auto
VI" on Monday.
The hacker had posted a message on the forum about seeking
to "negotiate a deal" with the videogaming company.
(Reporting by Nivedita Balu in Bengaluru; Editing by Maju