‘You wankers!’ 18-yr-old hacker breaches Uber’s internal messaging system, workers keep engaging for the jokes

Uber suffered an embarrassing breach Thursday as a hacker accessed customer data, employee messaging services and other internal systems.

Claiming to be an 18-year-old hacker going as “Tea Pot,” the anonymous cyber infiltrator, had “full access” to the company’s database, including Amazon and Google-hosted cloud environments where Uber stores its source code and customer data, the Daily Mail reported.

“They pretty much have full access to Uber,” Sam Curry, an engineer at Yuga Labs who communicated with the hacker, told The New York Times. “This is a total compromise, from what it looks like.”

Tea Pot mocked Uber employees on Slack, sending nude images of male genitalia and writing “F**K YOU DUMB WANKERS!”

Uber employees at first believed the interactions were a joke and continued to log onto internal systems, Curry said.

“I announce I am a hacker and Uber has suffered a data breach,” Tea Pot wrote to employees after accessing the system, according to the New York Times.

While there is no indication the hacker did any damage or sought to sell data, Uber has asked law enforcement to investigate the security breach.

“We are in touch with law enforcement and will post additional updates here as they become available,” Uber said in a tweet but offered no additional details.

The hacker allegedly gained access to the database through security research firm HackerOne, where he posed as an employee with the IT department and conned an employee into giving him their password. From there he was able to access internal systems in what Uber described as a “cybersecurity incident.”

“[We are] in close contact with Uber’s security team, have locked their data down, and will continue to assist with their investigation,” said HackerOne’s Chief Hacking Officer Chris Evans.

SalesForce, Inc., the parent company of Slack, said they were investigating any vulnerabilities but there was no indication they had been jeopardized in the breach, according to Reuters.

“My gut feeling is that it seems like they are out to get as much attention as possible,” Curry said of Tea Pot.

Among other barbs, Tea Pot said Uber should pay their drivers more.

“The hacker alerted Curry and other security researchers to the intrusion by using and an internal Uber account to comment on vulnerabilities they had previously identified on the company’s network through its bug-bounty program, which pays ethical hackers to identify vulnerabilities,” the Daily Mail reported.

This is not Uber’s first run in with cybersecurity weaknesses. In 2016, the company suffered a breach that exposed the personal information of 57 million customers and drivers and paid $100,000 in ransom for the data. The company’s cybersecurity chief was fired and charged with obstruction for not reporting the incident to the Federal Trade Commission.

“A U.S. judge last month dismissed the three wire fraud charges against Joseph Sullivan although he still faces two charges of obstructing a U.S. Federal Trade Commission proceeding and failing to report a felony,” Reuters reported.



Please help us! If you are fed up with letting radical big tech execs, phony fact-checkers, tyrannical liberals and a lying mainstream media have unprecedented power over your news please consider making a donation to BPR to help us fight them. Now is the time. Truth has never been more critical!

Success! Thank you for donating. Please share BPR content to help combat the lies.


We have no tolerance for comments containing violence, racism, profanity, vulgarity, doxing, or discourteous behavior. If a comment is spam, instead of replying to it please click the ∨ icon below and to the right of that comment. Thank you for partnering with us to maintain fruitful conversation.

PLEASE JOIN OUR NEW COMMENT SYSTEM! We love hearing from our readers and invite you to join us for feedback and great conversation. If you've commented with us before, we'll need you to re-input your email address for this. The public will not see it and we do not share it.

Latest Articles