Home / Companies / Kinde / Blog / Post Details
Content Deep Dive

The Uber Hack and MFA fatigue

Blog post from Kinde

Post Details
Company
Date Published
Author
Connor Cameron
Word Count
385
Company Posts That Month
2
Language
English
Hacker News Points
-
Post removed?
No
Summary

Earlier this month, Uber experienced a significant security breach when a member of the teenage hacker group LAPSUS$ gained administrative access to critical company systems, including GSuite, AWS, Slack, and OneLogin. The breach was achieved through a social engineering tactic known as MFA fatigue, where the hacker inundated an employee with multi-factor authentication requests until the employee, under pressure and prompted by a supposed co-worker, inadvertently granted access. Once inside, the hacker boldly announced their presence on Uber's Slack and released sensitive company financials, even replacing internal pages with inappropriate images and criticizing the company's treatment of drivers. This incident underscores the vulnerability of even large, data-rich companies to social engineering attacks and the necessity of employee training to recognize and prevent such security threats.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.