Grubhub disclosed a security incident linked to a third-party service provider that resulted in unauthorized access to user contact data. Although the exact timeframe was not specified, Grubhub acted swiftly to revoke access to the third-party account and initiated a thorough investigation with forensic experts. The breach involved various users, including merchants and drivers, but notably included students from over 360 universities using Grubhub's Campus Dining service. While sensitive data like SSNs and bank details remain secure, Grubhub encourages users to rotate passwords as a precaution.
We recently identified a security incident involving a third-party contractor, resulting in unauthorized access to certain user contact information.
We took immediate action to contain the situation and have worked with leading forensic experts to investigate the matter. We are confident that the incident has been fully contained.
Collection
[
|
...
]