Food delivery platform Grubhub has confirmed a recent data breach after unauthorized actors accessed parts of its internal systems.
The disclosure comes as sources tell BleepingComputer the company is now facing extortion demands linked to stolen data.
In a statement to BleepingComputer, Grubhub said it detected and stopped the activity quickly.
“We’re aware of unauthorized individuals who recently downloaded data from certain Grubhub systems,” the company said. “We quickly investigated, stopped the activity, and are taking steps to further increase our security posture.”
Grubhub added that sensitive information, such as financial details or order history, was not affected. However, the company declined to answer follow-up questions about when the breach occurred, whether customer data was involved, or whether it is actively being extorted.
Grubhub confirmed a data breach after unauthorized actors accessed parts of its internal systems, prompting an investigation and heightened security measures. (Photographer: Michael Nagle/Bloomberg via Getty Images)
What Grubhub has confirmed so far
While details remain limited, Grubhub confirmed several key points. It has brought in a third-party cybersecurity firm and notified law enforcement. Beyond that, the company has stayed largely silent. That lack of detail has raised concern, especially given Grubhub’s recent security history. Just last month, the company was linked to scam emails sent from its own b.grubhub.com subdomain. Those messages promoted a cryptocurrency scam promising large returns on Bitcoin payments. Grubhub said it contained the incident and blocked further unauthorized emails. It didn’t clarify whether the two events are related.
Sources link the breach to ShinyHunters extortion
According to multiple sources cited by BleepingComputer, the ShinyHunters hacking group is behind the extortion attempt. The group has not publicly commented on the claims and declined to respond when contacted. Sources say the attackers are demanding a Bitcoin payment to prevent the release of stolen data. That data reportedly includes older Salesforce records from a February 2025 breach and newer Zendesk data taken during the latest intrusion. Grubhub uses Zendesk to run its online customer support system. That platform handles order issues, account access and billing questions, making it a valuable target for attackers.
How stolen credentials may have enabled the attack
Investigators believe the breach may be tied to credentials stolen during earlier Salesloft Drift attacks. In August 2025, threat actors used stolen OAuth tokens from Salesloft’s Salesforce integration to access sensitive systems over a ten-day period. According to a report from Google Threat Intelligence Group, also known as Mandiant, attackers used that stolen data to launch follow-up attacks across multiple platforms. “GTIG observed UNC6395 targeting sensitive credentials such as AWS access keys, passwords and Snowflake-related access tokens,” Google reported. ShinyHunters previously claimed responsibility for that campaign, stating it stole roughly 1.5 billion records from Salesforce environments tied to hundreds of companies.
Why this breach still matters
Even if payment data and order history weren’t affected, support systems often contain personal details. Names, email addresses and account notes can be enough to fuel phishing attacks or identity scams. More importantly, this incident highlights how older breaches can continue to cause damage long after the initial attack. Stolen credentials that are never rotated remain a powerful entry point for threat actors.
Ways to stay safe after the Grubhub data breach
If you use Grubhub or any online delivery service, a few practical steps can reduce your risk after a breach.
1) Update your password and stop reuse
Start by changing your Grubhub password immediately. Make sure you don’t reuse that password anywhere else. Reused passwords give attackers an easy path into other accounts. A password manager can help here. It creates strong, unique logins and stores them securely so you do not have to remember them all.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
The food delivery platform says it quickly stopped the intrusion but has not disclosed when the breach occurred or whether customers were targeted. (Photo by Leonardo Munoz/VIEWpress)
2) Turn on two-factor authentication
If two-factor authentication (2FA) is available, enable it. This adds a second step when you sign in, such as a code sent to your phone or app. Even if a hacker steals your password, two-factor authentication can stop them from getting in.
3) Watch closely for phishing attempts and use strong antivirus software
Be alert for emails or texts that mention orders, refunds or support issues. Attackers often use stolen support data to make messages feel urgent and real. Do not click links or open attachments unless you are certain they’re legitimate. Strong antivirus software can also help block malicious links and downloads before they cause harm.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
4) Remove your data from people-search sites
Consider using a data removal service to reduce your online footprint. These services help remove your personal details from data broker sites that attackers often use to build profiles. Less exposed data means fewer tools for scammers to exploit.
While no service can guarantee the complete removal of your data from the internet, a data removal service is generally a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
5) Ignore crypto messages using trusted brands
Be skeptical of any cryptocurrency offers tied to familiar companies. Grubhub was previously linked to scam emails promoting crypto schemes, which shows how often attackers abuse trusted names. Legitimate companies don’t promise fast returns or pressure you to act immediately.
6) Monitor your Grubhub account and email activity
Check your Grubhub account for anything that looks unfamiliar. Watch for unexpected password reset emails, order confirmations or support messages you didn’t request. Attackers often test stolen data quietly before making bigger moves.
7) Secure the email linked to your Grubhub account
Your email account is the key to password resets. Change that password and enable two-factor authentication if it isn’t already on. If attackers control your email, they can regain access even after you change other passwords.
8) Stay alert for delayed scams tied to the breach
Breach data is often reused weeks or months later. Phishing attempts may appear long after headlines fade. Treat any future messages claiming to reference Grubhub support, refunds or account issues with extra caution.
These steps will not undo a breach, but they can limit how attackers exploit stolen information and reduce your risk going forward.
Sources tell BleepingComputer the Grubhub breach is tied to extortion demands involving allegedly stolen customer support data. (Gabby Jones/Bloomberg via Getty Images)
Kurt’s key takeaways
Grubhub’s confirmation puts an official stamp on what sources have warned about for weeks. While the company says sensitive data was not affected, unanswered questions remain. As extortion-driven breaches rise, transparency and fast credential rotation matter more than ever. What stands out most is how past compromises continue to create new risks. When access tokens live too long, attackers don’t need to break in again. They simply walk back through an open door.
If companies stay quiet after breaches, how can customers know when it’s time to protect themselves? Let us know by writing to us at Cyberguy.com.
Copyright 2026 CyberGuy.com. All rights reserved.
Kurt “CyberGuy” Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on “FOX & Friends.” Got a tech question? Get Kurt’s free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.com.
