Glovo User Leaked Data Includes Credit Cards, Hackers Say
Following the cyberattack on Glovo that took place a few weeks ago, hackers who have put the customer database up for sale claim that the stolen information includes credit cards.
At the end of last April, Glovo was the victim of a cyberattack that allowed hackers to have access to the personal data of customers and workers. The Barcelona-based home delivery company confirmed that it had been hacked, but theft of data from payment methods was initially ruled out .
However, it finally appears that the attackers did have access to customers’ financial information. Law of the Network reports that hackers who have put Glovo’s stolen database up for sale on the Dark Web claim that the customers’ credit or debit card number is included in the file.
Alex Holde, founder of Hold Security, was in charge of raising the alarm a few weeks ago about the Glovo hack. The researcher came across a video in which the attackers showed off how they accessed the computers used to manage Glovo accounts. Holde informed the company, which explained that the hackers were able to access it through an old admin panel interface.
At the time the security breach was discovered, its magnitude was unknown, but we now know that it is far more worrisome than it first appeared. After a reduced version of the database with a size of 180 GB was for sale, attackers now commercialize what appears to be the complete database.
Si no lo has hecho todavía actualiza Chrome, te puedes llevar una sorpresa muy agradable
Specifically, the file that is sold on the Dark Web to the highest bidder contains 480 GB of personal data of Glovo users , which includes the following information for each person: name and surname, email, address, date of birth, passwords (SHA-256), DNI, bank accounts and credit or debit card details registered in the application. In addition, the vendor ensures that the database also includes administrator accounts with hacked passwords (SHA1).
If you are a Glovo user, the first thing you have to do is change your password as soon as possible, in case you didn’t do it a few weeks ago when the hack was detected. Also, since attackers claim that they have your bank card details in their possession, keep an eye on your movements to make sure there is no unexpected charge. Glovo User Leaked Data Includes Credit Cards, Hackers Say