Food Ordering And Delivery Service EatStreet Disclosed Data Breach

  • 2

Another day, another breach. The victim now appears to be the food ordering and delivery service EatStreet. In breach notices sent to the service partners, customers, and delivery services, EatStreet disclosed a data breach incident that targeted the service in May.

EatStreet Disclosed Data Breach

Reportedly, the food delivery service EatStreet disclosed data breach to its customers and affiliates. The service suffered a security breach in May 2019, that possibly exposed personal details of affected individuals.

The incident allegedly happened on May 3, 2019, following unauthorized access to their database. EatStreet detected the issue a few days later on May 17, 2019. As stated in their notice,

The unauthorized third party was able to acquire information that was in our database on May 3, 2019.

The security incident directly affected EatStreet’s customers, restaurant partners, and delivery services. Consequently, the information breached during the incident also varies with the category. With regards to the breached information of the diners (customers), the notice stated:

The information that the unauthorized third party may have accessed included the payment card information for a limited number of diners. Unfortunately, we believe this incident may have included your name, credit card number(s) ending in<<ClientDef1(XXXX)>>, expiration date, card verification code, billing address, email address, and phone number.

Whereas, for the delivery services and partnering restaurants, the breached details include restaurant name and address, or the delivery service name, concerned person’s name, email address, phone number, and bank account and routing number.

However, EatStreet did not specify the number of customers, or the affiliated services affected by this incident.

After noticing the breach, the service employed all the necessary steps to contain the attack. They involved an IT forensic firm for investigations that still continue, and improved their systems’ security.

We have enhanced the security of our systems, including reinforcing multi-factor authentication, rotating credential keys and reviewing and updating coding practices.

GnosticPlayers In Action Again

The notice shared by EatStreet does not mention any technical details associated with the breach. Nonetheless, according to ZDNet, the incident links back to GnosticPlayers – the same hacker behind the Canva breach.

According to the details shared by the hackers with ZDNet, the breach at EatStreet impacts around six million users. As stated by ZDNet,

The hacker claimed he was in the possession of over six million user records he took from the company’s servers.

Take your time comment on this article.



Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Do NOT follow this link or you will be banned from the site!