Lessons Learned From the Latest Supply Chain Breaches

A supply chain attack can carry a huge number of implications for any organization. Digital supply chains are made up of the vendors, suppliers, and other third-parties that have network access. Enterprises are only as secure as their weakest third-party link and unfortunately, when this weakness is leveraged by cybercriminals, it can set off a domino effect of security risks with long-term negative impacts on the company finances, reputation, employee welfare and customer’s personal data.

Let’s take a look at Uber — the latest breach, the so-called “UberLeaks”, has allegedly exposed a large amount of company data, including IT asset information, and more than 70,000 employee email addresses. No customer data was reported to be stolen.

Attacks like this open the door to highly targeted spear phishing campaigns, which use the leaked information to send highly believable targeted emails and texts. These messages are designed to steal credentials, money, or other sensitive information. Phishing like this puts Uber and other similarly targeted organizations, plus their employees and stakeholders at greater risk.

This latest attack comes just months after Lapsus$ reportedly accessed the company’s internal network, which has the potential to erode the trust of its stakeholders and customers. According to BlueVoyant’s threat intelligence, Lapsus$ is a financially-motivated cyber criminal group that claimed responsibility for reported attacks on Okta, NVIDIA, Samsung, and others.

In that attack, the threat actors used social engineering to get around multi-factor authentication, or MFA. MFA uses multi pieces of information to access an account or system, such as a password and a code from an app. It increases cybersecurity, but was recently reportedly used to attack Uber and Rockstar Games.