Meals supply firm GrubHub disclosed a knowledge breach impacting the non-public info of an undisclosed variety of clients, retailers, and drivers after attackers breached its programs utilizing a service supplier account.
“Our investigation found that the intrusion originated with an account belonging to a third-party service provider that provided support services to Grubhub,” the corporate stated on Monday.
“We immediately terminated the account’s access and removed the service provider from our systems altogether.”
In response to this incident, the corporate employed exterior forensic consultants to evaluate the breach’s influence, rotated passwords to stop additional unauthorized entry, and added extra anomaly detection mechanisms throughout its inside providers.
The follow-up investigation discovered no proof that the attackers accessed different delicate private and monetary info, together with Grubhub Market buyer passwords, service provider login info, full fee card numbers, checking account particulars, Social Safety numbers, or driver’s license numbers.
Nonetheless, GrubHub stated that, relying on the affected person, the attackers gained entry to names, e mail addresses, and cellphone numbers, in addition to partial fee card info (together with card kind and final 4 digits of the cardboard quantity) for some campus diners.
“The unauthorized individual accessed contact information of campus diners, as well as diners, merchants and drivers who interacted with our customer care service,” GrubHub stated.
“The unauthorized get together additionally accessed hashed passwords for sure legacy programs, and we proactively rotated any passwords that we believed may need been in danger.
Whereas the attackers did not entry Grubhub Market account passwords, the corporate urged clients to at all times use distinctive passwords to attenuate dangers.
A Grubhub spokesperson was not instantly out there for remark when contacted by BleepingComputer earlier in the present day.
Grubhub is a food-ordering and supply platform with greater than 375,000 retailers and 200,000 supply companions in over 4,000 cities nationwide.
