It was reported today that the Spanish delivery startup Glovo, valued at $2 billion and aims to become Amazon’s rival in Europe, has been breached. A hacker was selling access to customers and couriers accounts with the ability to change their passwords.
<p>It is unfortunate to see that an attack of this nature occurred against a rising startup. However, for a company looking to become the largest delivery service in Europe and rivalling with Amazon, it is unsurprising that attackers would target this Spanish quick-commerce company. A successful compromise of this kind could prove highly valuable, especially considering the huge €450 million investment announced just last month to accelerate the company’s growth plan.</p> <p> </p> <p>With no credit card data reportedly stolen customers do not need to rush to cancel credit cards, but should continue to be vigilant for any suspicious transactions on their account in the future. The top priority now for the 10million Glovo users potentially affected, shall be to update their Glovo account password and subsequently update the password on accounts where their Glovo password has been duplicated. As this data continues to be sold on hacker forums, clients should also be observant of attackers utilising the details stolen for social engineering tactics and future phishing attempts.</p>
Last edited 2 years ago by Natalie Page
Niamh Muldoon , Senior Director of Trust and Security EMEA
InfoSec Expert
May 6, 2021 3:26 pm
<p>This incident highlights the importance for all, including start-ups, to factor cybersecurity into their design and know when to work and consult with identity and access management experts. These experts are able to support organisations by carrying out risk assessments that identify critical information assets and ensure appropriate security controls, such as access control, are in place to protect these assets.</p>
<p>It is great to see companies like Glovo handle an incident like this so well. It can be difficult for a growing business to control all of its IT assets, leaving it vulnerable to attacks. It might have been an old administration panel interface, but it was not secure. It shows the importance of keeping all staff aware of the security risks, and training everyone to keep security top of mind. Incidents like these can be a crucial turning point for growing organisations.</p>
<p>This breach shows the importance of having full visibility of the systems and software in your network, particularly if they are out-dated. While supposedly no customer card data has been accessed, it would be wise to have credit monitoring implemented to be aware of any suspicious activity. Glovo’s couriers should also get in touch with their banks to inform them of the breach. In any case, all those affected by the breach must remain vigilant of any incoming communications as these may be phishing attempts to gain more sensitive data from individuals or to plant malware. Never click on unsolicited links or download attachments from unknown senders, and always check the authenticity of the sender.</p>
Last edited 2 years ago by Jamie Akhtar
Lamar Bailey , Senior Director of Security Research
InfoSec Expert
May 6, 2021 3:02 pm
<p>Data breaches are the modern equivalent of a Pandora\’s box. Once the breach occurs and the data is set free, it is a curse on the company and the users whose data was stolen. Even outdated data causes issues. The company has taken a reputation hit and could in some areas be sued for the issue, while the people that had their data stolen can deal with anything from a mild annoyance like getting a replacement credit card to a huge issue like full identity theft. This is definitely an area where an ounce of prevention is worth a pound of cure. All too often, after a system or service is replaced the legacy system or service is left running “just in case” it is needed again. The problem lies in the fact that the legacy system or service is usually not kept up to date with security updates or configurations. This makes it an excellent target for bad actors.</p>
<p>It is unfortunate to see that an attack of this nature occurred against a rising startup. However, for a company looking to become the largest delivery service in Europe and rivalling with Amazon, it is unsurprising that attackers would target this Spanish quick-commerce company. A successful compromise of this kind could prove highly valuable, especially considering the huge €450 million investment announced just last month to accelerate the company’s growth plan.</p> <p> </p> <p>With no credit card data reportedly stolen customers do not need to rush to cancel credit cards, but should continue to be vigilant for any suspicious transactions on their account in the future. The top priority now for the 10million Glovo users potentially affected, shall be to update their Glovo account password and subsequently update the password on accounts where their Glovo password has been duplicated. As this data continues to be sold on hacker forums, clients should also be observant of attackers utilising the details stolen for social engineering tactics and future phishing attempts.</p>
<p>This incident highlights the importance for all, including start-ups, to factor cybersecurity into their design and know when to work and consult with identity and access management experts. These experts are able to support organisations by carrying out risk assessments that identify critical information assets and ensure appropriate security controls, such as access control, are in place to protect these assets.</p>
<p>It is great to see companies like Glovo handle an incident like this so well. It can be difficult for a growing business to control all of its IT assets, leaving it vulnerable to attacks. It might have been an old administration panel interface, but it was not secure. It shows the importance of keeping all staff aware of the security risks, and training everyone to keep security top of mind. Incidents like these can be a crucial turning point for growing organisations.</p>
<p>This breach shows the importance of having full visibility of the systems and software in your network, particularly if they are out-dated. While supposedly no customer card data has been accessed, it would be wise to have credit monitoring implemented to be aware of any suspicious activity. Glovo’s couriers should also get in touch with their banks to inform them of the breach. In any case, all those affected by the breach must remain vigilant of any incoming communications as these may be phishing attempts to gain more sensitive data from individuals or to plant malware. Never click on unsolicited links or download attachments from unknown senders, and always check the authenticity of the sender.</p>
<p>Data breaches are the modern equivalent of a Pandora\’s box. Once the breach occurs and the data is set free, it is a curse on the company and the users whose data was stolen. Even outdated data causes issues. The company has taken a reputation hit and could in some areas be sued for the issue, while the people that had their data stolen can deal with anything from a mild annoyance like getting a replacement credit card to a huge issue like full identity theft. This is definitely an area where an ounce of prevention is worth a pound of cure. All too often, after a system or service is replaced the legacy system or service is left running “just in case” it is needed again. The problem lies in the fact that the legacy system or service is usually not kept up to date with security updates or configurations. This makes it an excellent target for bad actors.</p>