TECH

Grubhub Acknowledges Data Breach Impacting Customers and Delivery Drivers

Grubhub, the leading food delivery service in the U.S., has reported that hackers gained access to the personal information of its customers and drivers following a breach of its internal systems.

Grubhub operates a widely used food-ordering and delivery service with more than 375,000 merchants and 200,000 delivery partners across over 4,000 cities in the U.S. The New York-based Wonder Group acquired Grubhub last fall for $650 million, a notable decrease from the $7.3 billion that Just Eat Takeaway paid for the company in 2020.

On Monday, Grubhub, based in Illinois, revealed a data breach that has affected the personal data of an unspecified number of customers, merchants, and drivers. The company reported having detected “unusual activity” within its network, which led back to a third-party service provider.

In a statement, Grubhub said, “Upon discovery, we promptly launched an investigation, identifying unauthorized access to an account associated with this provider. We immediately terminated the account’s access and removed the service provider from our systems altogether.”

The breach enabled unidentified hackers to obtain personal details of customers, merchants, and drivers who have interacted with its customer service. Additionally, users of Grubhub’s Campus Dining service, which permits university students to utilize their meal credits via the app, were also affected.

Grubhub stated that the compromised personal information includes names, email addresses, phone numbers, and partial payment card details—specifically the last four digits of the card number—for a “subset” of campus diners. While hashed passwords for specific legacy systems were accessed, Grubhub confirmed that bank account details and Social Security numbers remained unaffected by the breach.

Grubhub has not disclosed the number of individuals impacted by the breach, nor has it confirmed the timing of the incident.

The company has yet to respond to inquiries from TechCrunch regarding the situation.

Leave a Reply

Your email address will not be published. Required fields are marked *