Uber’s hack shows the stubborn power of social engineering

Photo by Amelia Holowaty Krales / The Verge

Like many other hacks, Uber’s major security breach started with a text message. Citing details provided by the alleged hacker, The New York Times reported that a fake text message tricked an Uber employee into revealing their password details, triggering a sequence of events that led to a large-scale compromise of the ridesharing company’s IT systems.

Even for a company with Uber’s resources, these kinds of social engineering threats are impossible to completely defend against. It doesn’t matter how good a firm’s password policies are, whether sensitive information is properly stored or encrypted, and even whether multi-factor authentication is used — there’s always a chance that a human employee will be fooled into letting the...

Continue reading…



from The Verge - All Posts https://ift.tt/cbhxdRE

Post a Comment

0 Comments