Popular food delivery company Grubhub announced it suffered a security breach involving a “third-party actor,” which gave “unauthorized access to certain user contact information.” The company announced this issue in a press release after it partnered with leading forensic experts and believes the incident has been fully contained.
Grubhub explains that it detected “unusual activity within our environment traced to a third-party service provider for our Support Team. Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider. We immediately terminated the account’s access and removed the service provider from our systems altogether.”
According to Grubhub, this security breach gave access to the following data:
Names, email addresses, and phone numbers
Partial payment card information for a subset of campus diners (card type and last four digits of the card number)
The hacker also accessed hashed passwords for certain legacy systems. While they haven’t accessed any codes associated with Grubhub Marketplace accounts, the company encourages users to use unique passwords to minimize risk. This means that if they use the same password for different accounts, they should definitely change their codes.
Still, Grubhub says that the majority of user’s data hasn’t been accessed, which includes:
Grubhub Marketplace customer passwords
Merchant login information
Full payment card numbers
Bank account details
Social Security or driver’s license numbers
Finally, the company states to avoid further security breaches, it’s implementing new measures:
Engaged Forensic Experts: Partnered with a third-party cybersecurity firm for a comprehensive investigation.
Strengthened Credential Security: Rotated all relevant passwords to prevent potential unauthorized access.
Enhanced Monitoring: Deployed additional anomaly detection mechanisms across internal services.
BGR will let you know as we learn more about Grubhub’s security breach and whether it could have a broader impact on its users.
The post Grubhub user data compromised in major security breach appeared first on BGR.
Today’s Top Deals
Today’s deals: $329 Apple Watch Series 10, $219 Bose soundbar, 40% off eufy video smart lock, more
Today’s deals: Record-low prices on AirPods Pro 2, iPad 10, AirPods 4, Apple Watch Series 10, more
Today’s deals: $20 Amazon credit, $4 Anker UDB-C cables, $30 Magic Bullet, $160 TP-Link mesh WiFi, more
Best deals: Tech, laptops, TVs, and more sales
Grubhub user data compromised in major security breach originally appeared on BGR.com on Tue, 4 Feb 2025 at 10:25:43 EDT. Please see our terms for use of feeds.