Follow on Google News News By Tag Industry News News By Location Country(s) Industry News
Follow on Google News | How Uber Could have Avoided September 2022 Data BreachA 17 Year old hacked ride-hailing company for fun, added security for hard-coded admin credentials would have saved Uber from this disaster.
By: Vivek Basavegowda Ramu "I announce I am a hacker and Uber has suffered a data breach." - says the 17 year-old attacker in Uber`s Slack Messenger. Main reason behind the attacker gaining access to the Uber system is a combination of contractor account having added privileges, hard-coded admin credentials, multi-platform access using admin privileges within IT/Cloud infrastructure. While it is not easy to eliminate all risks, but companies should definitely strengthen the security by removing and credentials which are embedded, through audit of the system to remove any hard-coded credentials and if it is required to be hard-coded then added security should be inplace, these days hackers are also getting better with bypassing MFA (Multi-factor- End
|
|