A business technology news website reported the EatStreet data breach. Who breached the online food ordering service? And what can we learn about it?
EatStreet Data Breach
EatStreet experienced a data breach last May 2019. Also, they confirmed the incident.
The online food service informed their customers about it through notification letters. Also, they alerted the involved delivery services and restaurant partners.
Moreover, they said that the hackers hacked their network on May 3. The downloading and accessing process lasted for two weeks.
Furthermore, they detected the illegal access on May 17. And they immediately removed the hacker’s access.
The hacked information
Hackers stole the customers’ information. It came from online and mobile service data. Especially those who ordered from the application.
Besides, the hacker also accessed the information of the participating restaurants. Also, they got data about third-party delivery services.
What was the hacked information?
- Names
- Phone numbers
- Credit card numbers and verification codes
- Billing addresses
- Email addresses
- Bank accounts
- Routes for restaurants and delivery
The affected customers
EatStreet did not confirm the exact number of affected customers. But, the hacker claimed that he has over six million user records.
Also, we can estimate the number of affected clients. EatStreet is available in over 250 cities. And there are 15,000 restaurants connected with the app.
Eatstreet’s action
EatStreet said in its email that they informed the credit card issuers about the breach. So, the card brands know about it.
Moreover, they hired one of the best IT forensics team. Thus, it helps them react and investigate the breach.
Additionally, they said that they improved their systems’ protection. They also applied multi-factor authentication for better security.
Also, they switched credential keys. Lastly, they said that they reviewed and updated their codes.
Up to date, the company claims that there were no signs that the hackers used the data for fraud. Thus, they did not inform any law enforcement about the breach.
What you can do
If you are an EatStreet customer, you must be scared of identity theft and fraud. So, they provided instructions.
You can follow these to protect your information.
- Review your account. It is the first thing that you should do. You should analyze your credit or debit card account statements.
- Be alert. Watch out for unusual activities. Also, you can determine if there are unwanted withdrawal of funds in your card.
- Inform your bank. If you see any unusual withdrawal or activities, inform your bank asap. They will help you freeze your account.
Thus, if you received a data breach email from EatStreet, please take the above steps to protect your data.
About the hacker of EatStreet Data Breach
Gnosticplayers claimed that they are responsible for the Eatstreat data breach. They are also the ones who hacked Canva, UnderArmor, and others.
Moreover, he posted over 1 billion stolen data on the black market in less than six months. Gnosticplayers claims that he is a one-man-band.
Also, he said that he has a lot more data. In the Eatstreet data breach, he stayed undetected for 14 days. When the foodservice detected him, he already stole a lot of data.