Foodora Data Breach Impacts Customers in 14 Countries
Online food delivery service Delivery Hero has confirmed a data breach affecting its Foodora brand.
The cybersecurity incident has exposed the account details of 727,000 customers in 14 different countries. Information exposed in the incident included names, addresses, phone numbers, and hashed passwords.
While no financial data was leaked, customers’ geolocation data, accurate to within a couple of inches, was breached. Such data could prove embarrassing to any individuals who have ordered food while pursuing a clandestine affair.
Data breached in the incident was found online on May 19, posted in a forum where stolen data is wont to show up, according to the Gov Infosecurity website. Whoever posted the data on the forum claims that Foodora was compromised in 2019.
A spokesperson for Delivery Hero said that the exposed information dated back several years.
“Unfortunately, we can confirm that a data breach has been identified concerning personal data dating back to 2016,” said a Delivery Hero spokesperson.
“The data originates from some countries across our current and previous markets.”
The compromised data appears to belong to Foodora users in Australia, Austria, Canada, France, Germany, Hong Kong, Italy, Liechtenstein, the Netherlands, Norway, Singapore, Spain, and the United Arab Emirates.
Data breach expert and Have I Been Pwned website creator Troy Hunt said that over 600,000 unique email addresses were among the leaked data. According to Hunt’s research, the oldest Australian files exposed in the incident date back to August 2015.
Delivery Hero was founded in 2011 by Niklas Ostberg. The business is based in Berlin, Germany, and operates in over 40 countries internationally in Asia, Europe, Latin America, and the Middle East.
The company, which has around 22,000 employees, partners with more than 500,000 restaurants globally to deliver over 3 million food orders per day.
Delivery Hero is not yet sure how the breach occurred but is taking steps to find out.
A spokesperson said the company has “started a thorough internal investigation” and is “working closely with our security and data protection teams, as well as local authorities, to identify what caused the breach and inform the affected parties.”
The spokesperson added that the “relevant authorities” have been informed of the data breach.
This post Foodora Data Breach Impacts Customers in 14 Countries originally appeared on InfoSecurity Magazine.
