Uber Hacker: The City of London Police arrested a 17-year-old from Oxfordshire for hacking on Thursday, September 21, 2018. A joint investigation by the U.K. National Crime Agency’s cybercrime unit and the Police was undertaken. Police arrested him as part of an investigation. He remains in police custody. In addition, the department said it was a joint investigation with the London Police. It is suspected that the recent string of high-profile hacks aimed at Uber and Rockstar Games may have had something to do with the law enforcement action. The same threat actor has allegedly committed both intrusions, and he goes by Tea Pot (teapotuberhacker).
An attacker or group of hackers associated with the LAPSUS$ extortion group is said to have breached Uber’s data. Uber believes that two of the extortion group’s members currently facing fraud charges are responsible. According to cybersecurity firm Flashpoint, the hacker’s real-world identity was allegedly identified in an illicit online forum. On Friday, Flashpoint revealed that the forum administrator had claimed that the individual behind the Microsoft and Doxbin hacks was the same person.
“On the day that the original post was made, Flashpoint analysts found that teapotuberhacker’s real world identity had been outed on an online illicit forum. In that thread, titled “The Person Who Hacked GTA 6 and Uber is Arion,” the administrator for that forum claimed that teapotuberhacker was the same individual who had allegedly hacked Microsoft and “owned” Doxbin.” reads the report published by FlashPoint.
The person behind the teapotuberhacker handle is thought to be ‘LAPSUS$’s apparent ringleader.’ It is also thought to be ‘LAPSUS$’s apparent ringleader,’ going by the aliases White, Breachbase, and WhiteDoxbin. If these allegations are true, they may explain the arrest of another individual.
A little background on similar previous attacks
According to the FBI’s Internet Crime Report, nearly 324,000 social engineering attacks were reported last year, an increase of almost three times the 2018 figures. Hackers were able to steal nearly $2.4 billion last year due to social engineering attacks, according to the FBI’s Report. One reason for the increase could be that companies have become increasingly vulnerable to cyberattacks since moving to remote work at the beginning of the Covid-19 pandemic in 2020.
San Francisco-based communications firm Twilio was also breached by hackers last year using social engineering. And we can say the same thing for Uber, where this case was not the first scenario to happen to the company. In 2016, hackers stole information from 57 million driver and rider accounts and then approached Uber and demanded $100,000 to delete their copy of the data. Uber arranged the payment but kept the breach a secret for more than a year. Unfortunately for the company, this time, they couldn’t keep it from the public eye, but in a statement from the officials of the company, Uber seems to have handled this current issue very well, and the situation was under control.