Grubhub user data compromised in major security breach
Popular food delivery company Grubhub announced it suffered a security breach involving a “third-party actor,” which gave “unauthorized access to certain user contact information.” The … The post Grubhub user data compromised in major security breach appeared first on BGR.
Popular food delivery company Grubhub announced it suffered a security breach involving a "third-party actor," which gave "unauthorized access to certain user contact information." The company announced this issue in a press release after it partnered with leading forensic experts and believes the incident has been fully contained.
Grubhub explains that it detected "unusual activity within our environment traced to a third-party service provider for our Support Team. Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider. We immediately terminated the account’s access and removed the service provider from our systems altogether."
According to Grubhub, this security breach gave access to the following data:
- Names, email addresses, and phone numbers
- Partial payment card information for a subset of campus diners (card type and last four digits of the card number)
The hacker also accessed hashed passwords for certain legacy systems. While they haven't accessed any codes associated with Grubhub Marketplace accounts, the company encourages users to use unique passwords to minimize risk. This means that if they use the same password for different accounts, they should definitely change their codes.
Still, Grubhub says that the majority of user's data hasn't been accessed, which includes:
- Grubhub Marketplace customer passwords
- Merchant login information
- Full payment card numbers
- Bank account details
- Social Security or driver’s license numbers
Finally, the company states to avoid further security breaches, it's implementing new measures:
- Engaged Forensic Experts: Partnered with a third-party cybersecurity firm for a comprehensive investigation.
- Strengthened Credential Security: Rotated all relevant passwords to prevent potential unauthorized access.
- Enhanced Monitoring: Deployed additional anomaly detection mechanisms across internal services.
BGR will let you know as we learn more about Grubhub's security breach and whether it could have a broader impact on its users.
The post Grubhub user data compromised in major security breach appeared first on BGR.
Today's Top Deals
- Today’s deals: Record-low prices on AirPods Pro 2, iPad 10, AirPods 4, Apple Watch Series 10, more
- Today’s deals: $17.50 Apple AirTags, $79 Vizio soundbar, $500 off eufy Omni S1 Pro, $180 Beats Studio Pro, more
- Today’s deals: $199 iPad 9, Galaxy S25 preorder deals, 25% off COSORI air fryer, $20 Anker power strip, more
- Today’s deals: $329 Apple Watch Series 10, $219 Bose soundbar, 40% off eufy video smart lock, more
Grubhub user data compromised in major security breach originally appeared on BGR.com on Tue, 4 Feb 2025 at 10:25:43 EDT. Please see our terms for use of feeds.
