Sergiu Gatlan reports:
Uber believes the hacker behind last week’s breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, NVIDIA, Samsung, and Okta.
The company added that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication (2FA) login requests until one of them was accepted.
Read more at Bleeping Computer.