Glovo suffers a cyberattack and hackers sell their customers’ data online. The digital home delivery company claims that the attackers have not accessed the data of the users’ bank cards.
The digital home delivery company Glovo has been ‘ hacked ‘ and the credentials of its customers and distributors have appeared for sale on the internet, as a result of a security breach that the company is currently investigating.
Unauthorized third party actors accessed Glovo’s systems through the interface of an old admin panel. From there they were able to obtain a database with the credentials of the customer and delivery accounts.
The information was put up for sale on the ‘dark web’, where it was found by the head of Technology and founder of Hold Security, Alex Holden , who reported this event to Forbes. The shared videos and screenshots showing access to the Glovo account management.
The company led by Óscar Pierre was notified of this breach last Thursday and a day later it blocked access to the affected system. This Monday, May 3, he confirmed the ‘hack’ and the solution of the security problem.
“On April 29 we detected unauthorized access by a third party to one of our systems”, Glovo has acknowledged in a statement sent to Europa Press, in which it confirms that the access occurred through an old interface of the administration panel .
“As soon as we were aware, we took immediate action, blocking unauthorized third party access and implementing additional measures to protect our platform,” the company assured.
However, and according to the aforementioned medium, the data of users and distributors were still for sale on the internet, with the potential to modify the password of the accounts. The company has stated that no credit card data of its customers was accessed, since this information is not stored, and has also assured that it is investigating what happened and that it has contacted the Spanish Agency for Data Protection .