Uber announced Thursday evening it was responding to a “cybersecurity incident” in a tweet posted minutes after The New York Times published a report that the company’s networks had been breached by a hacker. The unknown hacker made their presence known in a message sent to Uber’s employees over Slack, according to two sources who spoke with the Times. “I announce I am a hacker and Uber has suffered a data breach,” the individual wrote. The message was buttressed by the names of several internal databases the hacker said they had compromised. Later, they posted an explicit photo to an internal information page, according to the Times. The breach forced the company to shut down several of its internal communications and engineering systems while it probed the issue. Uber was last hacked in 2016, when the accounts of 57 million people were compromised. The hackers demanded $100,000 from Uber to wipe their copy of the stolen information. Uber paid up, but did not disclose the breach for months.
We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.
