Grubhub says a security breach through a third-party contractor exposed contact information of some customers, merchants, and drivers. The company took swift action to cut off access and is now working with cybersecurity experts to strengthen its defenses.
🔍 What happened? Grubhub detected unusual activity linked to a third-party service provider for its support team. An investigation found that an unauthorized individual accessed an account associated with that provider. Grubhub immediately revoked access and severed ties with the contractor.
📋 What information was accessed? The exposed data includes names, email addresses, and phone numbers. Some campus diners also had partial payment card details exposed, including the card type and last four digits. Additionally, hashed passwords for certain outdated systems were accessed, but Grubhub says it proactively rotated any at-risk credentials. Marketplace account passwords were not compromised, but customers are encouraged to use unique passwords for added security.
🔒 What was NOT accessed? No sensitive personal information was exposed, including full payment card numbers, Social Security or driver’s license numbers, merchant login credentials, or bank account details.
🛠 How Grubhub responded The company says it took immediate steps to contain the breach, including hiring forensic cybersecurity experts, resetting all potentially affected passwords, and strengthening monitoring to detect unusual activity.
🔮 What’s next? Grubhub says the incident has been fully contained, but it’s taking additional security measures to prevent future breaches. Customers concerned about their accounts are encouraged to update passwords and remain cautious of phishing attempts. The company says it remains committed to protecting customer trust and ensuring the security of its platform.
B.T. Clark
B.T. Clark is an award-winning journalist and the Publisher of The Georgia Sun. He has 25 years of experience in journalism and served as Managing Editor of Neighbor Newspapers in metro Atlanta for 15 years and Digital Director at Times-Journal Inc. for 8 years. His work has appeared in several newspapers throughout the state including Neighbor Newspapers, The Cherokee Tribune and The Marietta Daily Journal. He is a Georgia native and a fifth-generation Georgian.
