Case Study

Overview of the case study

On September 15, Uber announced the news of its system breach. Through social engineering, the hacker compromised an employee’s Slack account. During the Uber cyber attack, the hacker persuaded the employee to hand over a critical password that allowed them access to Uber’s systems.

Key findings

The  drawing shows the Kill chain followed during  the analysis. In conclusion, critical  vulnerabilities were revealed, that allowed the hacker to gain complete access to the cloud-based systems where Uber stores sensitive customer and financial information.

Uber Technologies Inc. Was A Victim Of The Group, Called Lapsus$, Saying It Gained Access To The Company’s Internal Systems And Posted Messages, Including A Graphic Image, To Employees. 

Some Hacking Groups Install Ransomware Or Quietly Steal Data, Such As Credit-Card Information Or Social-Security Numbers, That They Then Sell. Others Are Government-Backed And Try To Steal Corporate Secrets Or Conduct Espionage.​

Lapsus$ Is Different, Security Researchers Say.​​

“They’re Basically Children Who Grew Up In Online Communities That Groom Children To Do Cybercrime,”

Said Ms. Nixon, Who Has Tracked The Group Since Last Year.

Contact

Don’t wait for a breach to secure your systems.

Proactive defense is your best strategy against cyber threats. Contact R3DSIDE today and let’s protect your digital assets together.