Grubhub confirms data breach, faces extortion demands

Food delivery platform Grubhub has confirmed a recent data breach after hackers accessed its systems, with sources indicating the company is now facing extortion demands. Grubhub stated that unauthorized individuals downloaded data from certain company systems, but assured that sensitive information like financial data or order history was not affected. The company is working with a third-party cybersecurity firm and has notified law enforcement, according to a recent report by Bleeping Computer.

Sources suggest the ShinyHunters cybercrime group is behind the extortion, demanding a Bitcoin payment to prevent the release of older Salesforce data from a February 2025 breach and newer Zendesk data stolen in the recent incident. Grubhub uses Zendesk for its customer support chat system. The breach is believed to have occurred through credentials stolen during recent Salesloft Drift data theft attacks, where compromised OAuth tokens for Salesloft's Salesforce integration were used to harvest credentials and secrets for follow-up attacks on other platforms. ShinyHunters previously claimed responsibility for stealing approximately 1.5 billion Salesforce data records belonging to numerous companies.

This incident highlights the persistent threat of follow-on attacks utilizing previously compromised data. Organizations impacted by such breaches, particularly those involving Salesforce integrations, must urgently rotate all affected access tokens and secrets to mitigate further risks.

Source: Bleeping Computer
