- The Grubhub food delivery service has been raped by a third -party supplier
- The incident has left personally identifiable information exposed to users and other
- Grubhub launched a complete survey
Grubhub confirmed the suffering of a “security incident” involving a third -party contractor who led to unauthorized access to a set of user coordinates.
The violation was detected after the company noticed an unusual activity in its environment, that it traced a third -party supplier who provides services to its assistance team. Once discovered, Grubhub has launched an investigation and would have found unauthorized access to an account associated with the seller.
The company says it has taken “immediate measures” to contain the situation and is now convinced that the incident is “fully contained”. Data disclosed includes names, email addresses, telephone numbers and partial payment information for a group of users. It is also believed that the threat actor had access to chopped passwords for inherited systems.
Know your seller
Following the incident, Grubhub said that he had strengthened his security by implementing improved surveillance services, as well as strengthening the safety of diplomas and engaging forensic experts to conduct a complete investigation.
This incident proves to which the crucial surveillance of your systems and suppliers is for companies of all sizes. Third -party data violations have become a major security problem thanks to the large number of suppliers that most companies will use, many of which are small businesses with smaller cybersecurity budgets.
“If you want to enter a large organization, you are going through [third-party vendors]. You opt for low fruits. We have 14,000 suppliers worldwide providing everything, uniforms in retail branches to large -scale data centers, “Benedict Peet told Benedict from Standard Bank Techradar Pro.
“You must have an evolutionary security questionnaire to ask them, but the risk is always the same, whether it is a mom and a pop store in the rear streets of Seoul or in Atos Origin or someone like that.”
Data violations put the victims at the risk of identity theft, so take a look at our choices for better protection against identity theft if you are featured, you may be affected.
