Uber said on Monday that it believed a hacking group dubbed Lapsus$ was behind a cyberattack last week and noted that other victims of the group’s attacks this year included Cisco, Nvidia, Okta and Samsung. Microsoft also said that Lapsus$ had accessed one of its accounts.
According to Uber, the attacker probably bought a company contractor’s password on the dark web after a malware attack, and the contractor accepted a two-factor authentication request. The attacker downloaded some Slack messages and posted a note to a Slack channel that “many of you saw,” the ride-sharing company said.
Hackers often use so-called social engineering, which involves exploiting trusted individuals rather than just going after hardware and software.
“There’s no finish line when it comes to security and social engineering,” Benioff said during a press conference at Salesforce’s Dreamforce conference in San Francisco on Tuesday. “There’s things that we’re going to need to do to help our customers prevent these kinds of issues.”
Salesforce has seen its systems exploited in the past. In 2007, a hacker reportedly obtained email addresses stored in Salesforce and used them to go after clients of Automatic Data Processing and other Salesforce customers. And in June, Salesforce’s Heroku unit said a hacker had obtained account passwords and some source code.
“We’ve been through almost every possible situation,” Benioff said. “There’s a lot for us to do in perpetuity, and we’re going to just keep working on it.”
Most of the company’s engineering team works on security and trust, said Bret Taylor, Salesforce’s other co-CEO. Taylor said that trust was one of Salesforce’s original values when the company was founded in 1999.