Governance, Risk & Compliance
information

Data Management & Governance

Take centralized control and make smarter decisions about what to keep and what to purge.

Explore →
information

Federated Search & eDiscovery

AI-powered universal search purpose-built for collaboration. Find information and surface the full story—faster.

Explore →
information

Monitoring & Moderation

Protect your data and your people with complete, real-time visibility and centralized control of collaboration.

Explore →
Insights & Analytics
information

People Insights

Automatically capture authentic human signals from modern collaboration to support your most valuable asset.

Explore →

Company

About Aware

Our leadership, our company

Careers

Explore open roles with our remote-friendly, global team

Partners

Make deals move faster with Aware

Security

Data security partners & certifications

Contact

Get in touch with us

human-difference
Our Vision

Helping Organizations see the Human Difference

Learn More →

Resources

Access reports, webinars, checklists and more.

Explore →

Blog

Explore articles devoted to enterprise collaboration, employee engagement, research & more

Explore →
image (2)

Six Critical Digital Workplace Security Risks and How to Avoid Them

Learn More →
Menu

The Uber Breach Demonstrates Why We Built Aware

by Aware HQ

It’s time to tackle security and compliance in collaboration platforms like Slack, Microsoft Teams, Workplace and Zoom 

Uber says the cybersecurity incident that recently made headlines began with malware on a contractor’s cellphone. That malware extracted a corporate password, which was sold on the dark web. The hacker who purchased the password sent repeated 2-factor authorization requests to the contractor’s phone until one was eventually accepted, granting him access to the Uber account. 

From there, the hacker was able to access several of Uber’s internal systems and accounts, including Google Workspace, AWS, OneLogin and HackerOne. The infiltrator also posted in a companywide Slack channel announcing the breach. 

With control regained, Uber has now revealed what the hacker did during the breach. Despite accessing several sensitive systems, there is no evidence he changed any code or targeted customer data. Instead, the hacker took Slack messages. 

It does appear that the attacker downloaded some internal Slack messages, as well as accessed or downloaded information from an internal tool our finance team uses to manage some invoices. — Uber press release 

Was the Uber breach the work of a naive threat actor who wanted to embarrass the company and didn’t know what to do with the information at his disposal? Or is the breach just the start of Uber’s PR nightmare? 

What Risks Live in Your Slack Data? 

If somebody breached your Slack (or Teams, or WebEx…) and exfiltrated company messages, would you be worried? Or are you confident that your collaboration tools are free from sensitive information, confidential conversations and intellectual property? 

Let's face it — collaboration tools like Slack are great for getting work done, but the amount of value embedded in these conversations make them an exponentially growing security risk. — Jeff Schumann, Aware Co-Founder & CEO 

Aware was founded by a team of enterprise collaboration experts who saw the value of the new tools they managed — but also realized their risks. Our platform uses smart technology to monitor collaboration messages in real time and identify potential risks before they become part of your collaboration dataset. 

How Bad is Collaboration Risk Really? 

Our research shows that business leaders need to be worried about what their employees are saying in collaboration. We analyzed over a million enterprise collaboration messages, and what we found was disturbing.

hbra stats

The fact is, unless a business manages their collaboration platform and proactively removes unwanted content, it exists in their dataset right now. And it only takes a threat actor minutes to exfiltrate huge volumes of messages. Over a year, an organization with 5000 employees will generate 30 million collaboration messages. How many of them contain passwords, IP, sensitive data or content that’s simply embarrassing to the company if it becomes public? 

Aware Helps Organizations Reduce Collaboration Risk Exposure 

At Aware, we believe that real-time compliance and acceptable use monitoring is the only way to effectively tackle security and compliance in collaboration tools. In the modern digital workplace, there’s too much at stake to be anything but proactive about data security. 

Using Aware, security teams can minimize the impact of a Slack or collaboration breach by proactively drawing attention to unusual behavior, identifying hot spots that represent value that could be stolen, and by removing potentially damaging information before a malicious party can access it. Further, they can strengthen their breach readiness through Aware’s continuous and intelligent data observability, which enables immediate investigation and response. 

That’s why some of the biggest companies in the world trust Aware to help them take control of their collaboration tools. Contact us today to learn more about how Aware can help you improve your risk posture and shine headlights onto the blind spots in your collaboration tools.

New call-to-action

Topics:Data ManagementSlackEnterprise CollaborationInformation Governance