Grubhub Data Breach Overview
If you use Grubhub, your data may have been compromised recently. On Monday, the popular food delivery app reported a data breach involving user names, email addresses, and phone numbers. The breach specifically affected campus diners, a program aimed at college students, as well as merchants and drivers who have interacted with Grubhub's customer care.
Details of the Breach
The hacker gained access to contact information for users and was able to view the last four digits of payment cards for some campus diners. However, it's important to note that no user login data or full payment card information was stolen. The hacker did manage to access passwords from older internal Grubhub systems, which raised concerns about a potential wider breach. Fortunately, the passwords were stored in a hashed format, providing an additional layer of security.
In response to the incident, Grubhub stated that they have proactively rotated any passwords that might have been at risk. They also encouraged users to utilize unique passwords to minimize security risks.
How the Breach Occurred
The breach was executed by compromising a third-party contractor that provided support services for Grubhub. In light of this incident, Grubhub has removed the contractor from its systems and engaged forensic experts to investigate the breach thoroughly. The app reassured users that the incident has been fully contained.
Grubhub's Customer Base
Grubhub currently serves over 33 million customers. Recently, the app was sold by Just Eat Takeaway.com to Wonder Group, indicating significant changes in its management and operations.
For further updates on this situation, stay tuned as Grubhub continues to address the breach and enhance its security measures.
Comments
Join Our Community
Create an account to share your thoughts, engage with others, and be part of our growing community.