6 May 2021

Spanish delivery startup Glovo suffers a cyberattack


Spanish delivery startup Glovo suffers a cyberattack

A hacker compromised systems of Spanish rapid-delivery startup Glovo and reportedly attempted to sell stolen credentials of its customers and distributors on the Internet.

Glovo is a Barcelona-based company that delivers everything from food to household supplies to some 10 million users across 20 countries.

According to the company, the security breach took place on April 29 when a hacker gained access to its systems via an old administrator platform, and the attack was blocked as soon as it was detected.

“We can confirm that no access was gained to client card data, as Glovo does not save or store such information,” Glovo said.

The hack came to light earlier this week when Forbes reported that a hacker was selling access to Glovo customer and courier accounts, with the ability to change their passwords. The breach was discovered by the cybersecurity firm Hold Security that found screenshots and videos from a hacker showing off access to the computers used to manage Glovo accounts.

Glovo said it has contacted the Agencia Española de Protección de Datos (AEPD), Spain’s data protection authority, over the incident and that the data was “only accessible via a successful log-in by an account with sufficient permissions. All personal data at rest in our systems is encrypted.”

Back to the list

Latest Posts

US nuclear weapons contractor Sol Oriens falls victim to REvil ransomware gang

US nuclear weapons contractor Sol Oriens falls victim to REvil ransomware gang

The company said that it became aware of the cyberattack in May and that it is working "to determine the scope of potential data that may have been involved."
16 June 2021
Suspected Chinese hack affected Verizon, Southern California's water supplier

Suspected Chinese hack affected Verizon, Southern California's water supplier

The breach was part of the cyber-espionage campaign involving Pulse Connect Secure networking devices that came to light in April.
16 June 2021
Paradise ransomware source code leaked on XSS hacker forum

Paradise ransomware source code leaked on XSS hacker forum

The analysis of the source code revealed it contained Russian comments, giving an inkling of the origin of a developer behind the ransomware.
16 June 2021