Except it wasn't human error. The db and API were purposely put on a network that was accessible from the open internet.
Optus hacked, records of 9.8 million customers stolen
Collapse
X
-
'Looks like Optus has started to contact people affected by the hack'
Comment
-
-
Uber hack
Uber’s hack shows the stubborn power of social engineering
"One of the powershell scripts contained the username and password for a admin user in Thycotic (PAM) Using this i was able to extract secrets for all services, DA, DUO, Onelogin, AWS, GSuite" pic.twitter.com/FhszpxxUEW
— Corben Leo (@hacker_) September 16, 2022
https://www.theverge.com/2022/9/16/23356213/uber-hack-teen-slack-google-cloud-credentials-powershellInternal systems appear to have been compromised.
The hacker appears to have made themselves known to Uber’s employees by posting a message on the company’s internal Slack system. “I announce I am a hacker and Uber has suffered a data breach,” screenshots of the message circulating on Twitter read. The claimed hacker then listed confidential company information they said they’d accessed, and posted a hashtag saying that Uber underpays its drivers.
The Slack message from the alleged hacker was so brazen that many Uber employees appear to have initially thought it was a joke, the Washington Post reports. Employee responses to the post included lighthearted emoji like sirens and popcorn, as well as the “it’s happening” GIF. One unnamed Uber employee told Yuga Labs security engineer Sam Curry that staff were interacting with the hacker thinking they were playing a joke.Last edited by Carlin; 09-24-2022, 09:50 AM.
Comment
-
-
Last edited by Carlin; 11-06-2022, 10:14 AM.
Comment
-
Comment