Uber is investigating a possible breach of its network after a hacker gained access on Thursday to the company’s internal system.
The transport company shut off a number of its internal services, including messaging and engineering services, during the investigation, according to The New York Times.
The person claiming responsibility for the hack told the Times that he gained access to Uber’s internal systems by posing as a corporate information technology person and convincing a company employee to share a password with him.
The hacker accessed the internal messaging service Slack through one person’s account and sent employees a message saying, “I announce I am a hacker and Uber has suffered a data breach.”
The person also posted an explicit photo on a webpage used to communicate with employees, an Uber spokesperson told the Times.
In response to a request for comment, an Uber spokesperson pointed The Hill to a tweet reading: “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.”
The alleged hacker sent images of Uber’s internal systems, including email, cloud storage and code repositories, to the Times and shared information with cybersecurity researchers.
“They pretty much have full access to Uber,” said Yuga Labs Security Engineer Sam Curry to the Times after corresponding with the alleged hacker.
The hacker, who said he was 18 years old, claimed that he broke into Uber because of its weak security and used his access to its Slack messaging service to call for higher pay for Uber drivers.
“We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” wrote Uber Chief Information Security Office Latha Maripuri in an internal email seen by the Times.
Updated at 9:26 a.m.