Breach cyber

GrubHub

Apr 11, 2025 1 min read
GrubHub

GrubHub experienced a severe security incident where approximately 70 million lines of data were compromised from nearly 17 million accounts. The stolen data included names, emails, and passwords encrypted with SHA1. The breach, which GrubHub disclosed alongside a third-party breach, also exposed contact details and partial payment information. Although no full financial details were compromised, the incident could still enable account infiltrations and fraudulent activities. Threat actors aim to use the data for phishing, scams, and identity theft, along with credential stuffing attacks on other platforms.

Source: https://www.scworld.com/brief/grubhub-breach-purportedly-impacts-almost-17m

TPRM report: https://scoringcyber.rankiteo.com/company/life

"id": "lif836041125",
"linkid": "life",
"type": "Breach",
"date": "4/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '17 million',
                        'industry': 'Food Delivery',
                        'name': 'GrubHub',
                        'type': 'Company'}],
 'data_breach': {'data_encryption': ['SHA1 for passwords'],
                 'data_exfiltration': ['Yes'],
                 'number_of_records_exposed': '70 million lines of data from '
                                              '17 million accounts',
                 'personally_identifiable_information': ['Yes'],
                 'sensitivity_of_data': ['Medium to High'],
                 'type_of_data_compromised': ['Names',
                                              'Emails',
                                              'Passwords (encrypted with SHA1)',
                                              'Contact Details',
                                              'Partial Payment Information']},
 'description': 'GrubHub experienced a severe security incident where '
                'approximately 70 million lines of data were compromised from '
                'nearly 17 million accounts. The stolen data included names, '
                'emails, and passwords encrypted with SHA1. The breach, which '
                'GrubHub disclosed alongside a third-party breach, also '
                'exposed contact details and partial payment information. '
                'Although no full financial details were compromised, the '
                'incident could still enable account infiltrations and '
                'fraudulent activities. Threat actors aim to use the data for '
                'phishing, scams, and identity theft, along with credential '
                'stuffing attacks on other platforms.',
 'impact': {'data_compromised': ['Names',
                                 'Emails',
                                 'Passwords (encrypted with SHA1)',
                                 'Contact Details',
                                 'Partial Payment Information'],
            'identity_theft_risk': ['High'],
            'payment_information_risk': ['Partial']},
 'motivation': ['Phishing', 'Scams', 'Identity Theft', 'Credential Stuffing'],
 'title': 'GrubHub Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Helsinki

public 1 min read
A data breach affecting Helsinki, Finland’s capital and largest employer, exposed sensitive personal data of over 300,000 people.…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.