Four days after the hack, Uber confirmed that the attacker accessed multiple internet systems, including G Suite account, and downloaded internal Slack messages. A Lapsus$ affiliate is, reportedly, responsible for the breach. Detail here https://www.theregister.com/2022/09/19/uber_admits_breach/
