[BreachExchange] Food Delivery Service Chowbus Experiences Data Breach

Destry Winant destry at riskbasedsecurity.com
Wed Oct 7 10:28:44 EDT 2020


https://www.infosecurity-magazine.com/news/delivery-service-chowbus-breach/

Chicago-based Asian food delivery service Chowbus has suffered a data
breach with more than 800,000 customer records and 444,000 unique
email addresses exposed.

According to the Chicago Tribune, reports from customers on Twitter
said they began receiving emails yesterday labeled “Chowbus data” that
contained links where they could download company databases containing
contact information for restaurants and customers.

A Reddit thread said the files are in .csv format, and contain 4,300
critical business/personal information entries in the restaurant file,
while the “users” file has 803,350 files. Both contain names and
contact information.

While Chowbus has not confirmed how many customers were affected or
how the breach happened, company founder and CEO Linxin Wen sent an
email to customers confirming it learned about the data breach on
Monday morning, and said credit card information and account passwords
were not stolen.

A statement posted on the Reddit thread said: “Thank you for bringing
this to our attention. As soon as we became aware of this incident,
our security team quickly took steps to secure our systems, including
our customers’ account information. The link from the email is already
disabled. Your credit card information does not exist in our systems.
Any credit card information and transaction is processed by Stripe, a
secure 3rd party payment processor. We are confident your credit card
information is safe.”

Paul Edon, senior director, technical sales and services (EMEA) at
Tripwire, said this type of attack is unusual and appears to have been
aimed at undermining the reputation of Chowbus. “Based on the way in
which data was released, there is a high probability that this was the
work of a disgruntled employee or ex-employee,” he said. “Anyone with a
Chowbus account should immediately change their account password and
if possible, implement two-factor authentication.”

