Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:

News

Home / News
/
Personal data of million users of the food delivery app have been sold into the Dark Web, there are still holes into privacy of Glovo

Personal data of million users of the food delivery app have been sold into the Dark Web, there are still holes into privacy of Glovo

Serious security breach for the food delivery app Glovo, that has been affected by an unauthorized access by a hacker that could have stolen personal data and access credentials of tens of millions of clients, drivers and employees. Since lot of time Federprivacy has raised a lot of doubts on the compliance to the GDPR of personal data processing carried out by Glovo and other food delivery apps, and not by change on the last year the same Glovo has been sanctioned by the Spanish Data Protection Authority because it has forget to designate the data protection officer.

The information issued from Bloomberg, which mentions as the source the Italian security society of Yarix, which has affirmed to have the proofs that cyber criminals have already sold into the Dark Web: it would amount to a complex volume of 163GB of data which includes names, phone numbers, passwords and information connected to payments systems. The archive will be sold for a total amount of 85.000 dollars.

A spokesman of the Spanish company Glovo has declared that “even if the third part not authorized was able to have the access to IBAN numbers and to fiscals identifications, we can confirm that its has not being carried out any access to data of credit or debit cards”. On the past 4th of May some information on a security breach to Glovo circulated, but it is not clear if those two episodes are connected or are two different accidents.

While we are waiting to see developments of the situation and which will be the intervention of the Supervisory Authority, it is unknown if Italian users are affected, but the advice for who is using Glovo is to change the password of the account and to control card movements in order to verify that there are not any anormal charges, provided that we trust to provide personal data and personal bank information to a society to which seems that the privacy of users don’t really care.

SOURCE: FEDERPRIVACY

Recommended to you

Advanced Research