Uber Applied Sciences Inc. said on Monday that a hacker affiliated with the Lapsus$ hacking group was responsible for a cyberattack that last week prompted the ride-sharing company to quickly shut down several internal communications.

Uber said the attacker did not access any personal accounts or databases containing sensitive personal information such as credit card numbers, checking accounts or travel details.

“The attacker accessed multiple internal programs, and our investigation is to determine whether or not there was a material impression,” Uber said, adding that the investigation is still ongoing.

The company said it was coordinating closely with the FBI and the US Justice Division on the matter.

Friday’s cybersecurity incident had put Uber’s internal communications system on hold for a while, and workers had been restricted to using the Salesforce-owned workplace messaging app Slack.

Uber mentioned that the attacker logged into a contractor’s Uber account after accepting a two-factor login approval request following a number of requests, giving the hacker access to a number of worker accounts and instruments reminiscent of G-Suite and Slack.

The Lapsus$ hacking group has targeted companies such as Nvidia, Microsoft and Okta, an authentication firm relied on by thousands of large enterprises.

Lapsus$ could not be instantly reached for comment.

The hacker, who goes by the name “teapotuberhacker,” also reportedly claimed to have leaked the first gameplay footage of Take-Two Interactive Software Inc’s highly anticipated “Grand Theft Auto VI” on Monday.

The hacker had posted a message on the discussion board about seeking to “negotiate a deal” with the video game company.