🔍 What Happened?
Grubhub confirmed a security breach exposing customer, driver, and merchant data. The breach was traced to a third-party provider's customer service account, which has since been removed. Names, emails, and phone numbers were accessed, along with hashed passwords and partial credit card details, including card type and last four digits.
🛑 What Was Compromised?
The breach affected users of Grubhub’s customer service system and campus dining service. However, Grubhub states that full payment card details and bank account information were not accessed. The company has proactively rotated passwords for affected accounts but hasn’t disclosed how many accounts were impacted or when the breach occurred.
💰 A Breach During a Sale
The breach comes as Grubhub is being sold by Just Eat to food startup Wonder for $650M. The deal, announced in November 2024, is expected to close in Q1 2025. Just Eat initially acquired Grubhub for $7.3B in 2021, making this a massive loss on the sale.
🚨 What’s Next?
Grubhub has strengthened security measures and is investigating the breach. Users should update their passwords and watch for phishing scams. With its sale to Wonder pending, this incident raises concerns about data security and customer trust.
Will this data breach impact Grubhub’s sale to Wonder?
