If Uber can be breached what can I do to protect my business?

🔐As your trusted advisor 👨‍💻 I make it easier for you to sleep at night 🛌 knowing that your data is secure, your company's image is impeccable, and your team 🧑‍🤝‍🧑 is loyal.

24 articles

On September 15, 2022, NEWYORKTIMES.COM reported that

The Uber company network has been breached again. Uber has collaborated on this.

report as well. Uber is not the only company that offers ride-share or food delivery services,

but it is the biggest.

A couple of key takeaways:

The hacker gained access to almost all of the company’s networks. The hacker claims to

be 18 years old. Just think about it. How many years does it take for someone to

gain the skills needed to breach an organization as big as Uber? Uber is a company with

a cyber security budget that must be in the millions of dollars.

The other thing was that all that security was brought down by text message. No high-tech

tools, the hacker just texted an individual inside Uber asking for credentials. This is called

Social engineering The hacker texted the Uber employee after somehow discovering the

employee’s WhatsApp number. Once inside the network, the hacker hit a goldmine when he

found a tool created by an Uber employee used to make logging into sensitive company

networks possible. In short, the Uber employee had built a company tool to make it easy for

a hacker to gain access.

That was that. Everything else just fell by the wayside.

Uber employee built a tool to make it easier for outside hackers

What will the total cost of the breach be? So far, Uber's stock price has fallen about 4% since

the breach. It is easy to assume the expenses will be in the millions of dollars,

but we will need some time to determine the total cost. There are soft costs like public trust.

I, for one, will be riding Lyft for the near future.

If Uber was breached, what chance do I have?

Two things stand out from the attack. The staff

was not trained properly to handle this type of attack. That is why when I work with

clients, I always discuss how critical it is for the whole company team to have good cyber

security training and testing.


The second issue was the staff person who created the logging tool to bypass all the security

measures they had put up. How often did you go through fire drills in school? Businesses

need to do their fire drills, such as cyber risk audits. These audits need to include the

tools the company uses and the way they are configured. So they can root out tools like a

logging bypass tool.

Uber is also in the process of taking its former cyber security chief to court over the

breach. That happened in 2016. So having the right people handling your cyber security

It is just as important, if not more important, than the tools they use.