Hacking group Lapsus$ blamed for Uber breach

Uber has blamed Lapsus$, a South American hacking group, for being behind last week’s data breach that compromised its internal system.

The ride-share giant said in a statement that it is still investigating the breach and is also coordinating with the FBI, the Department of Justice and several leading digital forensics firms.

• “We believe that this attacker (or attackers) are affiliated with a hacking group called Lapsus$, which has been increasingly active over the last year or so,” the company said.
• Last week, an 18-year-old hacker claimed to have broken into Uber’s network.
• The hacker told The New York Times, which first reported the breach, that he gained access to the company’s internal systems by posing as a corporate information technology person and convincing an employee to share a password with him.

Lapsus$ has been linked to several data breaches this year targeting tech companies including Microsoft, Samsung, Cisco and Okta.