Uber's been hacked by an 18 year old, go figure

pcgamer.com:

It appears Uber has been hacked by an 18-year-old. As discovered Thursday, the hijacker managed to gain full admin access to the company's AWS, Duo, OneLogin, G Suite, VMware vSphere domain accounts, and more. They even bagged Uber's source code and have sent out screenshots to prove it.

Not a great time for Uber then. But what really gets me is how people are meant to have reacted when asked to stop interacting with the hacker on Slack—if you work in IT you might need to ask a friend to hold you back for this one.

According to The New York Times(opens in new tab), the person responsible for the Uber hack claims to have gained access simply by sending a text to an Uber employee pretending to be from the company's corporate IT team. The hacker, if we can even call them that, just persuaded the employee to send them their login credentials and, boom, full access granted.

Yuga Labs engineer Sam Curry posted on Twitter about the event, having spoken to the apparent hacker, who claims to be just 18 years old. They sent some pretty legitimate-looking screenshots of internal systems to prove their quarry.

Curry spoke to some Uber employees as to their experience: «At Uber, we got an 'URGENT' email from IT security saying to stop using Slack,» one employee said. «Now anytime I request a website, I am taken to a REDACTED page with a pornographic image and the message 'F*** you wankers'.»

Another employee said that, «Instead of doing anything, a good portion of the staff was interacting and mocking the hacker thinking someone was playing a joke. After being told to stop going on slack, people kept going on for the jokes.»

Someone hacked an Uber employees HackerOne account and is commenting on all of the tickets. They likely have