.jpg)
Earlier this month, Grubhub confirmed a breach linked to a third-party vendor, resulting in unauthorized access to certain user contact information. This incident highlighted the ongoing risks associated with supply chain security. While Grubhub is confident that sensitive data such as full payment details and Social Security numbers were not compromised, the breach still affected important pieces of information. Currently, Grubhub believes the incident has been fully contained.
What Happened?
Unusual activity was detected within Grubhub’s system, which was later traced back to a third-party service provider supporting their Support Team. Upon discovering this activity, Grubhub quickly initiated an investigation and identified the unauthorized access as originating from an account linked to this provider. The compromised account was promptly terminated, and the service provider was removed from the system.
What Data was Accessed?
An unauthorized individual gained access to their system and retrieved contact information for campus diners, along with data from diners, merchants, and drivers who interacted with their customer care service. The specific data accessed varied for each individual, including:
- The names, email addresses, and phone numbers of campus diners, merchants, drivers, and those who interacted with customer service.
- Partial payment card information, including the card type and last four digits, for certain campus diners.
- Hashed passwords associated with older systems (with Grubhub taking immediate action to rotate the impacted credentials).
Though the Threat Actor was not able to access any passwords associated with Grubhub Marketplace accounts, Grubhub takes the extra step to reiterate to their customers to use unique passwords to mitigate the risk.
.jpg)
How Did This Happen?
As the story goes, you’re only as strong as your weakest link. The breach itself originated from an account belonging to the third-party service. This is the common theme with hackers using vendors to infiltrate a business to get their hands on the organization's infrastructure.
Response and Recovery From Grubhub
- Engaged Forensic Experts: Worked with an external firm to carry out a detailed investigation.
- Strengthened Credential Security: Updated all relevant passwords to block any potential unauthorized access.
- Enhanced Monitoring: Installed advanced anomaly detection tools across internal services for added protection.
We Can Help.
At Skyriver IT, we understand the critical importance of securing your business from third-party vulnerabilities and cyber threats. With our comprehensive cybersecurity solutions, we help companies like yours safeguard sensitive data, implement robust security protocols, and proactively monitor for potential breaches. Trust us to provide expert guidance and protection to keep your business secure and resilient in an ever-evolving digital landscape. Contact Skyriver IT today to learn how we can strengthen your cybersecurity and prevent future incidents.
