The data breach has affected hundreds of thousands of customers of Fantuan Group Inc. owned Chowbus.
A Chicago-based Asian food delivery service Chowbus has suffered a massive data breach leading to the compromise of hundreds of thousands of customer records.
It isn’t yet clear how the data breach took place; however, the company claims that financial data, including credit card information and account passwords, wasn’t accessed.
According to the company, the stolen data includes customer names, email IDs, and phone numbers. Though the company didn’t explain how many customers were affected, it is suspected that over 800,000 customer records and nearly 444,000 unique email IDs were exposed in the breach.
Chowbus, a company owned by Fantuan Group Inc., confirmed that some of its data were “illegally accessed,” and currently, it is addressing the issue.
The real surprise factor is the way customers came to know how the data breach took place. As per the Chicago Tribune report on the incident, customers on Twitter posted that they were receiving emails labeled “Chowbus data,” containing links of downloadable company databases. The database contained information about its customers and restaurants.
There were two separate categories of files; one was titled Restaurants and the other Users. All the files were in .CVS format. The Restaurant file contained approx 4,300 critical personal and business-related information, whereas the Users file included around 803,350 files.
Chowbus’ cofounder and CEO, Linxin Wen, stated that they notified its customers about the data breach via email on Monday.
On Reddit, Chowbus posted an official statement that read:
“Thank you for bringing this to our attention. As soon as we became aware of this incident, our security team quickly took steps to secure our systems, including our customers’ account information. The link from the email is already disabled,” the company said.
“Your credit card information does not exist in our systems. Any credit card information and transaction is processed by Stripe, a secure 3rd party payment processor. We are confident your credit card information is safe,” the statement read.
If you have an account on Chowbus change its password right now. Also, change the password on any other account if you are using the same login credentials on any other website.