Uber 2022 Breach: Teenage Hacker Compromises Internal Systems via Social Engineering
A teenage Lapsus$ group member compromised Uber internal systems through an MFA fatigue attack, accessing Slack, source code, and vulnerability reports.
Data Types Exposed
Response Timeline
- September 15, 2022: Attacker gains access via MFA push fatigue
- September 15, 2022: Attacker posts in company Slack claiming breach
- September 16, 2022: Uber confirms incident
- October 2022: Arion Kurtaj (18) arrested in UK
Detailed Analysis
The attacker repeatedly sent MFA push notifications to an Uber employee until they accepted one, then posed as IT support via WhatsApp. Once inside, the attacker accessed Slack, source code, financial dashboards, and, critically, HackerOne vulnerability reports.
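A detection sketch for the push-fatigue pattern described above, added here as an example and not taken from Uber or any MFA vendor: it flags a burst of denied or timed-out push prompts for one user and, separately, an approval that ends such a burst. The event schema, result values, thresholds and sample events are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample push-MFA events: (ISO timestamp, user, result).
# The schema and result values are assumptions, not a vendor log format.
SAMPLE_EVENTS = [
    ("2022-09-15T01:00:00", "alice", "denied"),
    ("2022-09-15T01:01:10", "alice", "timeout"),
    ("2022-09-15T01:02:05", "alice", "denied"),
    ("2022-09-15T01:03:30", "alice", "denied"),
    ("2022-09-15T01:04:45", "alice", "timeout"),
    ("2022-09-15T01:06:00", "alice", "approved"),   # approval after a burst
    ("2022-09-15T09:00:00", "bob", "denied"),       # ordinary mis-tap
    ("2022-09-15T09:00:40", "bob", "approved"),
    ("2022-09-15T08:00:00", "carol", "timeout"),    # spread out: no burst
    ("2022-09-15T10:00:00", "carol", "timeout"),
    ("2022-09-15T12:00:00", "carol", "approved"),
]

def detect_push_fatigue(events, window=timedelta(minutes=10), threshold=5):
    """Flag bursts of unapproved pushes and approvals that end such a burst."""
    unapproved = defaultdict(list)   # user -> timestamps of denied/timeout pushes
    in_burst = set()                 # users already alerted for the current burst
    alerts = []
    for ts_raw, user, result in sorted(events):
        ts = datetime.fromisoformat(ts_raw)
        # Keep only the unapproved pushes still inside the sliding window.
        recent = [t for t in unapproved[user] if ts - t <= window]
        if result == "approved":
            if len(recent) >= threshold:
                alerts.append(("approved_after_burst", user, ts_raw, len(recent)))
            recent = []              # an approval closes the burst
            in_burst.discard(user)
        else:
            recent.append(ts)
            if len(recent) < threshold:
                in_burst.discard(user)   # any earlier burst has aged out
            elif user not in in_burst:
                alerts.append(("burst", user, ts_raw, len(recent)))
                in_burst.add(user)
        unapproved[user] = recent
    return alerts

if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_EVENTS):
        print(alert)
```

The `burst` alert fires before any approval, which gives responders a chance to contact the user or suspend the session; `approved_after_burst` marks the sign-in that should be treated as suspect.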
The breach compromised Uber's internal systems, with limited customer data impact, through an MFA fatigue attack followed by social engineering via WhatsApp. Direct customer impact was limited, but internal systems were broadly compromised. The incident highlights the ongoing challenges organizations face in protecting sensitive user data against increasingly sophisticated attack vectors. Security researchers have noted that breaches of this magnitude often result from a combination of technical vulnerabilities and organizational failures in security practices.
Current status: Kurtaj found unfit to stand trial; held at secure hospital. Affected users should take immediate steps to protect their accounts, including changing passwords, enabling multi-factor authentication, and monitoring financial accounts for unauthorized activity. Filing a DSAR with Uber can help you understand what data was exposed and request its deletion.
What To Do If Affected
- Change your password immediately on this service and any accounts using the same password
- Enable two-factor authentication on all critical accounts
- Monitor your credit reports for unauthorized activity
- Consider placing a credit freeze with major bureaus
- File a complaint with your local data protection authority
Frequently Asked Questions
How many records were affected in the Uber breach?
No record count is given for the Uber breach; the impact is recorded as internal systems compromised, with limited customer data impact. Data types exposed include: internal Slack messages, source code, financial data, HackerOne vulnerability reports, employee data.
What should I do if I was affected by the Uber breach?
If you were affected, change your passwords immediately, enable two-factor authentication, monitor your credit reports, and consider placing a credit freeze. You can also submit a DSAR to Uber requesting deletion of your data.
Is there compensation for Uber breach victims?
Kurtaj was found unfit to stand trial and is held at a secure hospital. Check if a class action settlement exists and whether you are eligible to file a claim.