Uber has been hit by a cyberattack involving an employee’s compromised Slack account. The New York Times documented the incident based on evidence reportedly sent to the newspaper and security experts by the hacker.

According to the New York Times, a cybercriminal gained access to Uber’s internal systems by messaging an employee through Slack and asking him to transfer his login credentials. The hacker then accessed several internal systems and captured data. He left a message informing employees of the breach.

The hacker later contacted the New York Times and provided evidence of the breach. The evidence includes several screenshots of private emails, cloud storage environments and code repositories. According to experts, the hacker accessed all of Uber’s information, including source code.

The hacker says he wanted to demonstrate that Uber’s systems are poorly secured. According to the New York Times, the hacker urged the company to better compensate employees, drivers and delivery drivers for their work.

Confirmation from Uber

Uber has more or less confirmed the attack to the New York Times, though no public announcements were made at this time. The company immediately took its Slack environment and other internal systems offline to investigate the incident. The company also contacted judicial organizations to prosecute the hacker.

Not the first

Uber faced multiple hacks throughout the years. Cybercriminals stole data on 57 million user and driver accounts in 2016. The hacker demanded a ransom of €100,000 to delete the stolen data. Uber eventually paid the ransom and kept the hack secret for more than a year.

The incident caused then-CEO Joe Sullivan to be fired. Sullivan is currently involved in a court case on charges of knowingly concealing the hack from US authorities and thereby violating laws on cyberattacks.

Tip: Data privacy: from necessary security step to competitive advantage