Subj : GrubHub reveals massive data breach - customers, drivers, busines To : All From : TechnologyDaily Date : Tue Feb 04 2025 16:45:08 GrubHub reveals massive data breach - customers, drivers, businesses all affected, here's what we know Date: Tue, 04 Feb 2025 16:42:40 +0000 Description: A third-party vendor incident has resulted in leaked GrubHub user information. FULL STORY ======================================================================Food delivery service GrubHub has been breached through a third-party vendor The incident left Personally Identifiable Information exposed on users and others GrubHub has launched a full investigation GrubHub has confirmed suffering a security incident involving a third-party contractor which resulted in the unauthorized access to a set of user contact information. The breach was detected after the firm noticed unusual activity within its environment, which it traced back to a third-party vendor that provides services for its Support Team. Once discovered, GrubHub reportedly launched an investigation and found unauthorized access to an account associated with the vendor. The company says it took immediate action to contain the situation and is now confident the incident is fully contained. The leaked data includes names, email addresses, phone numbers, and partial payment information for a group of users. Its also believed the threat actor had access to hashed passwords for legacy systems. Know your vendor Following the incident, GrubHub said it enhanced its security by implementing enhanced monitoring services, as well as strengthening credential security and engaging forensic experts to complete a comprehensive investigation. This incident proves just how crucial monitoring your systems and your vendors is for businesses of all sizes. Third-party data breaches have become a major security concern thanks to the vast number of vendors most firms will use, many of which are smaller companies with smaller cybersecurity budgets. If you want to get into a big organization you go through [third-party vendors]. You go for the low hanging fruit. We've got 14,000 vendors globally providing everything from uniforms in retail branches to large scale data centers, Standard Chartered Banks Benedict Peet told TechRadar Pro . You've got to have a scalable security questionnaire to ask them, but the risk is still the same, whether it's a mum and pop shop in the back streets of Seoul or it's at Atos Origin or someone like that. Data breaches put victims at risk of identity theft, so take a look at our choices for best identity theft protection if you're concerned you might be affected. You might also like Take a look at our pick of the best antivirus software around Check out our recommendations for best malware removal Over a million patients potentially hit after another US healthcare provider hit by cyberattack ====================================================================== Link to news story: https://www.techradar.com/pro/security/grubhub-reveals-massive-data-breach-cus tomers-drivers-businesses-all-affected-heres-what-we-know --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .