Lapsus$ Hit Uber

Uploaded on 2022-10-04 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Transport & Travel

Uber was forced to close one of its software and messaging systems after an attacker got into its network. Uber said it believed the hacking group Lapsus$ was the attacker that made the company to temporarily close some internal systems.

The company says that the attacker gained access after obtaining an external contractor’s account information. Uber also said that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication login requests until one of them was accepted. Following the breach, the hacking group Lapsus$ claimed responsibility. 

LAPSUS$ first made waves in February and March when the group successfully stole data from Nvidia, Microsoft, and Samsung, among others. Police in the UK later arrested seven people for their roles in the LAPSUS$ gang. Two of the suspects, a 16-year-old and 17-year-old, were later charged with computer hacking crimes. 

It’s possible at least one member of LAPSUS$ remains at large. Some of the group’s early targets were in South America, which has caused researchers to suspect other gang members may be based not in the UK. The hacker who breached Uber reportedly describes himself as an 18-year-old. He’s also been using the screen name “Tea Pot.” There is speculation that he is connected to the 'Tea Pea' hackers who breached the Intercontinental Hotel Group and deleted 'data for fun'. 

For many, 2022 has been a wake-up call: there are no safe industries, and there are no safe countries and cyber crime is everywhere. 

SonicWALL's mid-year threat report found that malware rose by 2.8 billion globally in the last year.  Other findings include:

  • Encrypted threats has 132% increase to 4.8 billion.
  • The finance sector experiences the highest IoT malware attempts up 151%.
  • IoT Malware is up 134% in the UK and 228% in the US.

Malware touches every facet of our lives. During the average day, much of what we interact with, from the clothes that we wear to the cars that we drive, even the water that we drink, has been impacted by a cyber attack and is a pervasive threat expanding at an alarming pace.

SonicWALL:     Business Standard:    The Verge:    PCMag:    InfoSecInstute:   Bleeping Computer:    FT:   

You Might Also Read: 

A Phishing Attack That Delivers Three Forms Of Malware:

 

« Network Security Recommendations Tailored To Your Business
A Mysterious New Hacking Group »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

Continuum

Continuum

Continuum is the IT management platform company that allows Managed IT Services Providers to maintain and back up on-premise and cloud-based servers, desktops, mobile devices and other endpoints

EuroISPA

EuroISPA

EuroISPA is a pan European association of European Internet Services Providers Associations and the world’s largest association of ISPs.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

InnoValor

InnoValor

InnoValor realises value from digital innovation for organisations and government. We provide advisory services and develop innovative software solutions, based on our background in research.

Method Cyber Security

Method Cyber Security

Method offers a Cyber Security Risk Management training course for those responsible for the security of industrial automation, control and safety systems.

European Healthcare Fraud & Corruption Network (EHFCN)

European Healthcare Fraud & Corruption Network (EHFCN)

EHFCN is the only organisation dedicated to combating fraud, corruption and waste in the healthcare sector across Europe.

Synamic Technologies

Synamic Technologies

Synamic Technologies was founded in 2018 as a start-up to automate cyber security processes. Our CISOSCOPE product automates vulnerability management, risk management and compliance.

QGroup

QGroup

QGroup has been re-designing the consultancy industry since 2012. We're a rapidly expanding group of consulting companies that deliver bespoke IT services including cybersecurity.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

CSIRT-Gnd

CSIRT-Gnd

CSIRT-Gnd provides 24x7 Computer Security Incident Response Services to citizens, companies and government agencies in Grenada.

Efex

Efex

Efex is one of Australia’s leading Managed Technology Solutions providers. We service local companies across Australia, providing accessible, fast and straightforward IT.

CIS Secure

CIS Secure

CIS Secure is an innovator, integrator and expert advisor supporting the broadest portfolio of powerful, mission-specific C5ISR communications and cybersecurity solutions.

Rakuten Maritime

Rakuten Maritime

Rakuten Maritime is your trusted partner in maritime cybersecurity, offering comprehensive and proactive solutions tailored to every stage of a ship’s life cycle.

Neural Defend

Neural Defend

Neural Defend is a deepfake detection technology with proprietary algorithms and an AI agentic multi-layered of solution.