EatStreet discloses about a security breach which occurred on May 2019
EatStreet has revealed about a security breach which took place on May 2019, and in which a hacker has stolen the database of the company, complete with partner and customer details.
ZDNet came to know that Gnosticplayers, a hacker who has earlier breached numerous other online services, is responsible for this security breach. Till now the hacker has boasted only about breaching the EatStreet, but has not provided any proof of the hack. Although, the company has admitted about getting hacked in numerous data breach notification letters that was sent to the end-customers, restaurant partners, and delivery services by the company.
According to EatStreet, its computer network was breached by the hacker on May 3, 2019. Then the hacker goes ahead to access as well as download information from EatStreet's database till May 17, the date when the hacker's access was promptly terminated by EatStreet after detecting the intrusion.
The hacker has stolen information of the customers, who has used the EatStreet mobile or online service so as to order food for their homes from the local restaurants. The hacker has also stolen information that EatStreet had on the restaurants participating in their service, along with information on third-party delivery services who EatStreet had partnered with in order to deliver their food from the restaurants to the customers' homes. The accessed information contains names, email addresses, phone numbers, bank accounts, as well as routing numbers for the restaurants along with the delivery services.
For the customers who have ordered food via the EatStreet app or website, the information that the hacker may have stolen or accessed included names, billing addresses, credit card numbers, card verification codes, expiration dates, phone numbers, and email addresses.
The hacker has claimed in email to ZDNet that he was in possession of more than 6 million user records, which he took from company's servers. However, EatStreet didn't say anything about the number of users affected by this security breach incident.
In their notification letter, EatStreet has said that it notified the credit card payment processors of this hack "so that the card brands are [...] aware of the incident".
EatStreet also added that "in addition, we have enhanced the security of our systems, including reinforcing multi-factor authentication, rotating credential keys and reviewing and updating coding practices".
» SPAMfighter News - 7/8/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!