Recent Data Leaks at Uber And Rockstar Games' GTA6

Frequent readers of our news already know that there is no such thing as an attack season – cyber criminals strike constantly and unpredictably. However, the surge in ransomware and leakware attacks this past year is noticeable. Recently, two additional big ventures fell victim to attacks shortly after one another, attracting the attention of the media and security professionals.

What Happened? 

Uber

The popular provider of mobility as a service has suffered a cyberattack on September 16th, resulting in the company's admin email dashboard, Slack server, AWS console and many more integral internal systems being compromised. Vulnerability reports and screenshots of confidential information have been leaked on hacker forums.

Clearly proud of his achievement, the hacker has been generous in sharing his method with the press and security geeks. Using a social engineering attack on one employee, he was able to get past the company's existing Multi-Factor-Authentication (MFA) system and gained access to the company's IT infrastructure. This involved the so-called MFA fatigue attack, in which an employee is bombarded by MFA requests by the perpetrator, who is masquerading as internal IT support. Eventually, the employee folds and simply accepts the request to put a stop to the annoying requests. The same tactic was successfully used in recent attacks against Twitter, Mailchimp and other prominent companies. Uber has released a security update, sharing more details about the attack and their response: you can read it here. 

Uber's most critical problem right now are the stolen vulnerability reports. These were downloaded from the company's bug fixing system, which was used to confidentially record vulnerabilities that need to be addressed. This means that many security gaps that were not yet fixed by Uber are known to the hacker, who can now sell this lucrative information to other cybercriminals looking to exploit these gaps.

Rockstar Games' Grand Theft Auto 6

Rockstar Games is currently in the process of developing the sixth edition of their popular video game Grand Theft Auto. On September 17th, the same hacker who is allegedly (according to his own account) behind the Uber attack breached the company's Slack server and Confluence wiki, gaining access to the source code and gameplay videos of the unfinished game. The videos were subsequently leaked to GTAForums, a popular fan forum dedicated to the game franchise, and from there quickly went viral, putting further PR pressure on Rockstar Games. 

Managing the resulting PR storm would've already been enough trouble, but the worst part was yet to come. The perpetrator is now extorting Rockstar Games using the game's stolen source code and assets as ransom. While the hacker has declared the source code of GTA5 for sale to buyers bidding over $10.000, only screenshots of the GTA6 source code have been leaked so far with no indication if more will follow. No technical details regarding the attack have yet been revealed by the company nor the attacker, leaving security experts guessing. 

How Could Have These Attacks Been Prevented?

The case of Uber once again proves that the human error is not to be underestimated. Despite Multi-Factor-Authentication and other cybersecurity measures in place, the hacker was still able to gain access to the company's information just by deceiving an employee. These incidents can be inhibited by sensitizing associates to the dangers of cybercrime, as well as providing proper training as well as clear cybersecurity procedures. 

However, even the most rigorous training cannot eliminate all human error. The risk is just too high and the vulnerabilities plentiful. That's why it's just as important to make use of additional safety layers on the technical side.

In both instances, the companies' data loss might have been greatly reduced if a robust end-to-end data encryption software were included. If all previous defenses fail, encryption acts as the unmoving goalie, making sure that the stolen data will be of no use to the attacker in their encrypted state. An effective strategy is having the data repository physically separated from the encryption solution. This way, even if the criminal manages to break into your encryption provider's account, they would need to break into the repository as well in order to access the data – and vice versa. 

Boxcryptor's Zero-Knowledge-Encryption ensures that not even we can view the encrypted data or restore your password, should you (or an impostor) request it, minimizing the risk of your account getting hacked. Furthermore, our business packages allow company IT administrators to meticulously manage accounts and access rights, providing them with tools to quickly detect suspicious activity and immediately address issues to prevent any further damage. 

Prepare Now And Thank Yourself Later

It's always easier to prevent messes from being created in the first place, instead of scrambling to clean them up afterwards – and these companies are learning this lesson the hard (and expensive) way.

Take the necessary measures now to stay safe and ready for anything that comes your way: Get Boxcryptor today. We offer several packages to make sure that there's something for businesses of all sizes. 

Need further information about what ransomware is and how you can protect yourself against it? Get our free infographic to arm yourself with fundamental knowledge.