Grubhub Confirms Data Breach Involving Customers, Drivers
Grubhub Confirms Data Breach affecting consumers, merchants, and drivers, with contact information stolen. The company acknowledged the breach on Monday, stating that an unauthorized party accessed the data through a third-party service provider used by its Support Team.
According to a press release by Grubhub, it observed several abnormal actions within its own system and launched an internal investigation with the help of forensic experts, which led to the fact that the breach had originated from an account owned by a third-party service provider that was tasked with providing support services to the firm.
However, after this find, the firm acted with immediate urgency, resetting some passwords and upping the monitoring of its internal systems.
“We remain committed to protecting the trust placed in us by our customers, merchants, and drivers,” Grubhub said. “We have taken decisive steps to further secure our systems and are actively strengthening our security controls to prevent similar incidents in the future.”
Grubhub confirmed that breach included campus diners, merchants, and drivers who had engaged with the firm’s customer support service. Infected data covers the following lists:
In addition, the company said hashed passwords from some legacy systems accessed as a result of the incident. Grubhub has actively reset any passwords that may have fallen into potential risk.
Although the breach occurred, Grubhub assured customers that its main platform, Grubhub Marketplace, was not affected. Additionally, the company noted that no sensitive personal data, including Social Security numbers, driver’s license details, full payment card information, or merchant logins, were accessed during the breach.
Most users do not need to take any action at this time, but Grubhub highly recommends that customers create unique passwords for their accounts as a precautionary measure.
This latest breach highlights the ongoing security challenges faced by digital service providers and underscores the importance of robust cybersecurity measures to protect customer data. As Grubhub continues to enhance its security framework, users are encouraged to remain vigilant and practice good cybersecurity hygiene, such as using strong, unique passwords and enabling multi-factor authentication when available.
