Some Of Your Data Is Riding With A Stranger
The news does not look good at Uber, regardless of the spin they may be trying to put on it at the moment. The rumours are about as bad as it could get, attackers seem to have managed to get hold of admin access to Uber’s AWS cloud account and it’s entire VMware vSphere deployment as well as the VMs controlled to it. They also managed to get admin control over both Uber’s internal Slack and Google G Suite account, including over 1PB of storage. Considering the overall security consciousness the average corporate user posses, there are probably a lot of files which should not have been stored there which have been poached.
If that wasn’t bad enough, they also seem to have grabbed internal finance data and that is something which could seriously compromise the company; let alone it’s users and employees. We don’t really have any details now, apart from some screen captures so it is possible that the amount of data that was exfiltrated is nowhere near as bad as it seems, but that is a generally a bad bet to make.
It might be worth updating your password and account settings immediately; we don’t know if that data was grabbed, nor if the Uber breach has been plugged but it’s never a bad idea. In the meantime, if you are an Uber user you should be extra vigilant for phishing attacks and strange emails from Uber.