Global ride-hailing firm Uber say there is no evidence that the ‘cybersecurity incident’ involved access to sensitive user data.
The comments follow an incident which Uber described as a ‘cybersecurity incident’ on Thursday 15 September. Sources from the New York Times reported a breach to the operator’s internal systems.
The American firm were forced to take several internal communications and engineering systems offline.
In a statement released by Uber on 16 September, a spokesperson said: “While our investigation and response efforts are ongoing, here is a further update on yesterday’s incident:
“We have no evidence that the incident involved access to sensitive user data (like trip history).
“All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational.
“As we shared yesterday, we have notified law enforcement. Internal software tools that we took down as a precaution yesterday are coming back online this morning.”
Tom Warren, Senior Editor at tech publication The Verge, originally described the hack as looking ‘bad’. Warren said: “Uber has been hacked, and it looks bad. The hacker got in through social engineering and allegedly found a network share full of Microsoft PowerShell scripts that included Uber admin usernames and passwords to let them breach AWS, G Suite, and more.”
The Uber service which operates globally in more than 10,000 cities via its app, does not appear to have been affected.