Food delivery services seem to be the new favorite of cybercriminals as attacks on these services have suddenly increased. In 2017, Hackread.com exclusively reported on the Zomato data breach in which a dark web hacker was selling 17 million customers’ accounts.
Recently a Germany-based food delivery service Takeaway.com was targeted with a DDoS attack and was asked to pay two bitcoins (USD 11,000) in ransom. Now another service Foodora has become the victim of a data breach.
See: Executive hacked competitor’s website to steal students meal preferences
Berlin-based Delivery Hero, the parent company of Foodora, has confirmed that Foodora become a target of a data breach leading to exposure of information of over 727,000 customers from 14 European countries including France, Spain, Finland, Italy, and Austria.
It is claimed that the data was compromised in 2019 and most of the exposed information is old, dating back to 2016. However, the company didn’t disclose the number of accounts affected by this breach.
According to data breach investigator Troy Hunt, the hacked data includes 79,000 Australian records from August 2015 to August 2016, and on the whole 600,000 unique email IDs have been exposed.
A majority of the passwords were hashed with bcrypt with 11 work factors, which will be difficult to decrypt given that their work factor is 11, but there are some salted MD5 hashes too, which can be cracked easily.
The hacked data includes details like usernames, full names, hashed Foodora service passwords, phone numbers, locations, and physical addresses. However, financial data including credit card details or payment information were not breached, but customers’ geolocation data was expos ..
Support the originator by clicking the read the rest link below.
