News By Tag
News By Location
Follow on Google News
How Uber Could have Avoided September 2022 Data Breach
A 17 Year old hacked ride-hailing company for fun, added security for hard-coded admin credentials would have saved Uber from this disaster.
By: Vivek Basavegowda Ramu
"I announce I am a hacker and Uber has suffered a data breach." - says the 17 year-old attacker in Uber`s Slack Messenger.
Main reason behind the attacker gaining access to the Uber system is a combination of contractor account having added privileges, hard-coded admin credentials, multi-platform access using admin privileges within IT/Cloud infrastructure.
While it is not easy to eliminate all risks, but companies should definitely strengthen the security by removing and credentials which are embedded, through audit of the system to remove any hard-coded credentials and if it is required to be hard-coded then added security should be inplace, these days hackers are also getting better with bypassing MFA (Multi-factor-