Delivery app Glovo’s customer data for sale on dark web


A group of hackers accessed confidential data and login credentials related to tens of millions of Spanish delivery app Glovo’s customers, drivers and employees, cybersecurity firm Yarix said it had discovered. — Reuters

A group of hackers accessed confidential data and login credentials related to tens of millions of Spanish delivery app Glovo’s customers, drivers and employees, cybersecurity firm Yarix said it had discovered.

On Tuesday it said it had evidence attackers are attempting to sell the archive on the dark web – part of the Internet unreachable by conventional web browsers – with about 160 gigabytes of names, phone numbers, passwords and data related to customers payment systems for sale for about US$85,000 (RM350,880).

“While the unauthorised third party was able to access IBAN and Tax ID numbers for a short period of time, we can confirm no credit/debit card data was accessed,” a Glovo spokesman said.

Bloomberg hasn’t been able to verify the authenticity of the information alleged to be up for sale, or over what time period it dates back to. Forbes reported on May 4 that Glovo data had been breached. It’s unknown if the data associated with that breach, which Glovo confirmed to Forbes, is connected to that discovered by Yarix.

Mirko Gatto, Yarix’s chief executive officer, said his company were able to obtain extracts from the stolen database that included payment details and Glovo access credentials.

“It’s strongly recommended for Glovo users to change their password and to keep an eye on their credit cards, to verify that there are no abnormal charges,” Gatto said. – Bloomberg

Get 20% OFF The Star Digital Access

Monthly Plan

RM 13.90/month

RM 11.12/month

Billed as RM 11.12 for the 1st month, RM 13.90 thereafter.

Best Value

Annual Plan

RM 12.33/month

RM 9.87/month

Billed as RM 118.40 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Others Also Read