HomeSecurity OperationsGrubhub Breach Exposes Campus Diners and Customer Service Contacts

Grubhub Breach Exposes Campus Diners and Customer Service Contacts

Published on

spot_img

Grubhub, a popular food delivery app, recently fell victim to a hacker who managed to access user data including names, email addresses, and phone numbers. The breach, which was reported on Monday, affected users of Grubhub’s services, but the exact number of customers impacted was not disclosed by the company.

The hacker targeted various groups of users, including those enrolled in Grubhub’s “campus diners” program, which caters to college students. Additionally, contact information for diners, merchants, and drivers who interacted with Grubhub’s customer care service was compromised in the breach.

Although sensitive information such as full payment card details was not stolen, the hacker did manage to view the last four digits of payment cards for some campus diners. Furthermore, the breach exposed passwords for older internal Grubhub systems, potentially paving the way for a broader attack on the app’s databases. However, Grubhub reassured users that the accessed passwords were stored in a hashed format, making it difficult for the hacker to decipher them. In response, the company proactively changed any passwords that were deemed at risk.

Despite the hacker’s unauthorized access to certain data, Grubhub emphasized that no passwords associated with Grubhub Marketplace accounts were compromised. Nevertheless, the company urged all customers to use unique passwords to minimize any potential risks to their accounts.

The security breach was facilitated through a third-party contractor that provided support services to Grubhub. Following the incident, Grubhub promptly removed the contractor from its systems and engaged forensic experts to investigate the breach. The food delivery service expressed confidence that the breach had been contained and assured users that steps were being taken to prevent similar incidents in the future.

With over 33 million customers, Grubhub is a major player in the food delivery industry. Last month, the app underwent a change in ownership when it was acquired by Wonder Group from Just Eat Takeaway.com.

The breach serves as a reminder of the ongoing threats posed by cybercriminals and the importance of robust security measures to safeguard user data. Grubhub’s swift response to the incident demonstrates the company’s commitment to addressing security breaches and protecting the privacy of its customers. As online platforms continue to face evolving cybersecurity challenges, maintaining a vigilant approach to data security remains crucial to safeguarding user information.

Source link

Latest articles

7 Essential Skills and Traits of Elite Security Engineers

The Evolving Landscape of Cybersecurity: Challenges and Insights In the rapidly advancing domain of cybersecurity,...

Microsoft Addresses Multiple Windows RDP Vulnerabilities That Expose Sensitive Data Over the Network

Microsoft has recently taken significant steps to address multiple vulnerabilities related to the Windows...

AI Introduces Human Oversight Tax for Cybersecurity

Security Teams Save Time on Tasks but Spend More Time Checking AI's Work In an...

Patch Tuesday Summary: Microsoft Addresses Record 569 Vulnerabilities; SAP Resolves Critical Memory Corruption Issue

In a recent update, Thomas Fritsch, an esteemed SAP researcher at Onapsis, highlighted critical...

More like this

7 Essential Skills and Traits of Elite Security Engineers

The Evolving Landscape of Cybersecurity: Challenges and Insights In the rapidly advancing domain of cybersecurity,...

Microsoft Addresses Multiple Windows RDP Vulnerabilities That Expose Sensitive Data Over the Network

Microsoft has recently taken significant steps to address multiple vulnerabilities related to the Windows...

AI Introduces Human Oversight Tax for Cybersecurity

Security Teams Save Time on Tasks but Spend More Time Checking AI's Work In an...