- Grubhub food delivery service has been violated through a third -party supplier
- The incident left personal identification information exposed to users and others
- Grubhub has launched a complete investigation
Grubhub has confirmed that suffering a ‘security incident’ that involves a third -party contractor that resulted in unauthorized access to a user contact information set.
The violation was detected after the company noticed an unusual activity within its environment, which goes back to a third -party provider that provides services for its support team. Once discovered, according to the reports, Grubhub launched an investigation and found unauthorized access to an account associated with the supplier.
The company says that ‘immediate action’ was needed to contain the situation and now trusts that the incident is ‘completely content’. The leaked data include names, email addresses, telephone numbers and partial payment information for a group of users. It is also believed that the threat actor had access to hash passwords for inherited systems.
Know your supplier
After the incident, Grubhub said he improved his safety in implementing improved monitoring services, as well as strengthening the safety of credentials and involving forensic experts to complete comprehensive investigation.
This incident demonstrates how crucial its systems and suppliers for companies of all sizes is monitoring. Third -party data violations have become a great security concern thanks to the large number of suppliers that most companies will use, many of which are smaller companies with smaller cyber security budgets.
“If you want to enter a great organization through which you pass [third-party vendors]. Go for the low fruit. We have 14,000 worldwide suppliers that provide everything from uniforms in retail branches to large -scale data centers, “said Benedict Benedict Banedict Bank by Standard Bank Techradar Pro.
“You must have a scalable security questionnaire to ask them, but the risk remains the same, be it a mother and a pop store in the secondary streets of Seoul or is of Atos Origin or someone like that.”
Data violations put victims at risk of identity theft, so take a look at our choices to obtain the best identity theft protection if you are worried that you can be affected.
