Food delivery service Grubhub has suffered a security breach that exposed sensitive information belonging to customers, drivers, and merchants. The breach, caused by unauthorized access through a third-party service provider, compromised personal details, hashed passwords, and partial credit card information.
Grubhub detected suspicious activity within its system, which was later traced to an account used by a third-party customer support provider. The company quickly revoked access to this account and removed the provider from its platform to prevent further unauthorized entry.
What Information Was Compromised?
Hackers gained access to various user data, including:
1. Full names, email addresses, and phone numbers
2. Hashed passwords (which are encrypted for security)
3. Partial credit card details (only the card type and last four digits)
The breach affected individuals who had previously interacted with Grubhub’s customer support or used its campus dining services. However, full payment card details and bank account information were not accessed.
Steps Taken by Grubhub
In response to the breach, Grubhub has implemented several security measures:
- This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents