AT&T, Uber Breaches: Urgency in Addressing Credential Theft Risks

With extensive experience in offensive and defensive cyber operations, the founders of UNIXi recognized the prevalence of social-engineering-related hacking. Yearly, there are billions of hacking attempts on enterprise ecosystems. More than half of the successful ones are made through social engineering - focusing on the weakest link in the chain: humans. What makes us human is that we make mistakes, and that is exactly what hackers exploit. In institutions where security matters, one mistake is enough. To highlight the risk of this, and how UNIXi eliminates this risk, this blog post elaborates on one aspect of social engineering - credential theft. Here are some of the main ways hackers use credential theft, exemplified by the hacking into AT&T and Uber.

AT&T - No User is Safe. Anywhere.

On March 30, 2024, AT&T disclosed a staggering breach dating back to 2019 or earlier, affecting over 70 million users' identity information, including passwords, which were subsequently sold on the dark web. Of these users, 7.6 million are current subscribers, while the remainder are former customers. The impact of this breach is difficult to overstate, given its sheer scale. In response, AT&T issued a seemingly routine advisory, urging affected consumers to change their passwords, monitor additional accounts, and even consider freezing their credit with the major bureaus due to the exposure of social security numbers.

What's particularly concerning is the common practice among users of reusing passwords across various platforms. Even if AT&T customers change their passwords within the AT&T ecosystem, hackers are adept at leveraging these credentials across multiple platforms. With millions of users potentially compromised, the repercussions extend beyond mere inconvenience. Medical records, financial details, and other sensitive information are all potentially at risk.

Moreover, the fallout for AT&T itself cannot be overlooked. As a telecommunications behemoth with its own cybersecurity consulting arm, the breach poses significant challenges to its brand integrity, reputation, and financial standing. Operating in a fiercely competitive market, AT&T's rivals may exploit this breach to gain an edge, further compounding the damage.

In light of such vulnerabilities, UNIXi’s solution offers a compelling remedy. By implementing UNIXi's technology, AT&T could have mitigated this risk with minimal investment, safeguarding both its users and its own interests. But more on that later

Uber Hacking - MFA Cannot Stand Alone

Some may argue, "what about Multi-Factor Authentication (MFA)? That surely solves this issue." Well, it doesn't – and numerous successful attacks, notably the Uber hack of 2022, underscore this point. MFA is indeed a powerful tool, which may also be easily enforced across an organization with UNIXi's seamless integration capabilities. However, it's not infallible.

In 2022, an eighteen-year-old breached Uber's intranet despite MFA protection. The method was deceptively simple. By purchasing stolen credentials from the darknet, the hacker bypassed Uber's defenses. These credentials, obtained from various sources, were then systematically tested across different systems, a technique known as credentials spraying. Alternatively, the hacker could link stolen credentials to an employee's identity via social networks, exploiting the trust associated with the user's profile. Upon attempting access to Uber's intranet, an MFA request was triggered, prompting the hacker's ingenious response – a WhatsApp message posing as Uber security, manipulating the employee into approving the MFA request. This clever tactic, termed a "MFA fatigue attack," involved bombarding the employee's phone with repeated requests until compliance was achieved. The result? Full access to Uber's privileged information. This scenario illuminates common hacker strategies and underscores the limitations of MFA. While it bolsters security, MFA is not impervious to exploitation.

UNIXi’s Solution: Uncompromising Security

In the cases above, and in millions of other cases, implementing UNIXi’s solution would have saved a lot of grief for millions of users, company managers, and cybersecurity specialists who seek to protect their companies’ systems. One of UNIXi’s patented technologies protects every user’s credentials by adding an additional layer of protection to the password. Effectively, with UNIXi, a user can create the simplest of passwords, reveal them to anyone, and no one but the user would be able to use them. All this, with zero password storing, not on the user’s computer, and not on UNIXi’s servers. It seems like magic, and it is, but it is based on years of experience and work on this cutting-edge technology.

By addressing the vulnerabilities inherent in traditional password-based authentication systems, UNIXi offers a comprehensive solution that fortifies enterprise security while minimizing disruption and cost. CISOs and cybersecurity specialists have a responsibility to protect their users and companies. UNIXi empowers them to fulfill this duty effectively, ensuring peace of mind and safeguarding against the ever-evolving landscape of cyber threats.?