Spanish delivery app Glovo has disclosed that a malicious actor had allegedly access in an unauthorized manner barring the details of the type of data that they broke into.
Glovo is a Spanish quick-commerce start-up founded in Barcelona in 2015. It is an on-demand courier service that purchases, picks up, and delivers products ordered through its mobile app. It intends to be a multi-category lifestyle app with food delivery being the most popular offering.
It is reportedly priced at over $1 billion and provides delivery services for everything, from everyday commodities and supplies to food.
Glovo app accessed by unauthorized party:
According to the statements issued by Glovo, the unauthorized third party had obtained access to one of its systems.
This had apparently arisen due to the malicious party using an old administrator platform, however, it was removed as soon as the violation was detected by Glovo.
The delivery company has, however, assured its customers that no other data was compromised in the hacker attack.
“We can confirm that no access was gained to client card data, as Glovo does not save or store such information,” the company said in an emailed statement.
Reports from trusted security sources noted that the hacker was allegedly selling the user login credentials for customer and courier accounts and had the proficiency to alter passwords.
Surge in funding amid COVID:
It is interesting to note that the news of the Glove hacker attack comes weeks after the delivery app had raised 450 million euros in funding, riding a wave of interest in delivery services, which have boomed during the COVID-19 pandemic.
With such platforms increasingly in the spotlight, regulators and governments are beginning to address working conditions and privacy issues in the so-called gig economy.
A Spanish court ruled last year that Glovo workers were employees and not freelancers, while the government is proposing legislation to give unions access to the algorithms tech companies use to manage their workforce.