The intruder who claims to have hacked Uber might not have done much damage. The ridesharing firm has determined that there’s “no evidence” the perpetrator accessed sensitive user data, such as trip histories. All services are functioning properly, and the company has restored the use of internal software it took down upon discovering the breach.

Uber didn’t say more about the reported culprit or the nature of the incident. Bleeping Computer says it has seen screenshots from the hacker that purport to show Uber’s IT resources, including its Amazon Web Services console, Google Workspace dashboard and virtual machines. The perpetrator also gained access to Uber’s bug bounty program, suggesting they might be aware of security holes the company hasn’t necessarily fixed.

Account info appears to be safe. However, there are concerns the attacker might have access to source code, or could sell the bounty data to other hackers who might use vulnerabilities for their own campaigns. There may be fallout in the days ahead, even if Uber passengers don’t have any immediate reasons to worry.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.

Source link