The Uber hack is quite severe and wide-ranging. Wishing their blue teams the best of luck and love during this understandably difficult period. Some thoughts & observations based on what we've seen so far 👉 1/N
Let's talk about how they were compromised. The attacker has been quite upfront about how they compromised Uber's corporate infrastructure. Uber appears to use push notification MFA (Duo) for their employees. How can an attacker get around MFA? 2/N
@BillDemirkapi I feel for their blue team! No comment on the hack, just the humans who need to clean up (whatever that may entail). That said, I took an Uber this morning.
@BillDemirkapi Your tweet was quoted in an article by TechCrunch techcrunch.com/2022/09/17/thi…
@BillDemirkapi And assuming this is true, why would he notify Uber? 2 options - either he's decided to play nice and give Uber a chance to fix everything up, or, more worryingly - he's already copied literally *everything*. If it's the latter, this could be the biggest data leak of all time.