U.S.-based food delivery powerhouse Grubhub has reported that hackers gained access to the personal information of both customers and delivery drivers following a compromise of its internal systems.
Grubhub, a widely-used platform for ordering and delivering food, boasts a network of over 375,000 merchants and 200,000 delivery personnel across more than 4,000 cities in the United States. The company was acquired by New York’s Wonder Group last autumn for $650 million, significantly lower than the $7.3 billion paid by Just Eat Takeaway in 2020.
On Monday, the Illinois-headquartered firm revealed a data breach that affected the personal information of an unidentified number of customers, merchants, and delivery providers. Grubhub reported observing “unusual activity” within its network, which led to the identification of a third-party service provider responsible for the breach.
“After discovering the issue, we quickly initiated an inquiry, pinpointing unauthorized access linked to this provider’s account,” Grubhub stated. “We acted swiftly to terminate the account’s access and sever ties with the service provider.”
The breach enabled unidentified hackers to access personal information from customers, merchants, and drivers who had engaged with Grubhub’s customer service. It also affected individuals using Grubhub’s Campus Dining service, which allows students to spend meal credits through the app.
According to Grubhub, the compromised personal information includes names, email addresses, phone numbers, and partial card payment details—specifically the last four digits—for a “subset” of campus diners. Additionally, the hackers accessed hashed passwords from certain legacy systems, although Grubhub clarified that bank account and Social Security numbers were not compromised.
In addition to not revealing how many individuals were impacted by the breach, Grubhub has yet to specify when the incident took place.
The company did not provide an immediate response to inquiries from TechCrunch.
If you have further information regarding the Grubhub data breach, we’d like to hear from you. Please reach out to Carly Page securely through Signal at +44 1536 853968 or via email at carly.page@techcrunch.com from a personal device.
Compiled by Techarena.au.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
