Lessons from Uber’s Recent Breach

On Sept 15th a curious teenage hacker looking for fun, compromised Uber in a serious way, gaining administrative access to the company’s massive cloud instance, development environments, tools, and even their access management server! The hacker joked with how terribly easy it was and shared proof with news outlets, on hacker message boards, and even with employees on Uber’s internal Slack communication tool.

The attack was not masterful, but rather simple, and yet snowballed into a massive data breach.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Matthew.Rosenquist

CISO and cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security