In light of an attack on Uber employing Salesforce’s Slack chat app, co-CEO Marc Benioff stated that the cloud software business has much more to do in the area of cybersecurity.
Uber claimed on Monday that it thought the Lapsus$ hacker collective was responsible for the breach that occurred last week. The company also mentioned that Samsung, Cisco, Nvidia, and Okta were among the other companies the gang has attacked this year. Microsoft added that one of its accounts had been accessed by Lapsus$.
Uber claims that following a malware assault, the attacker most likely purchased a firm contractor’s password on the dark web, and the contractor complied with a request for two-factor authentication. The ride-sharing business claimed that the attacker collected several Slack communications and uploaded a letter to a Slack channel that “many of you saw.”
Hackers frequently employ “social engineering,” which entails taking advantage of reliable people rather than just attacking technology and software.
During a press conference on Tuesday at Salesforce’s Dreamforce convention in San Francisco, Benioff declared that “there’s no finish line when it comes to security and social engineering.” We will need to take some steps to assist our consumers in avoiding problems of this nature.
In the past, Salesforce’s systems have been misused. A hacker allegedly stole email addresses kept in Salesforce in 2007 and exploited them to target Automatic Data Processing clients as well as other Salesforce users. Additionally, Salesforce’s Heroku division said in June that a hacker had gotten certain source code and account passwords.