top | item 24685496

Chowbus user data breach (email, name, phone, address) with 800k rows

17 points| abcdabcd987 | 5 years ago

Email sent to all users via Chowbus Sendgrid. Link to anonymousfiles.io. Two CSVs, restaurants and users.

  $ head -n 1 users_y1KGkRi.csv
  "email","first_name","last_name","phone_number","address_1","address_2","city","state","zip_code"
  $ wc -l users_y1KGkRi.csv
  803354 users_y1KGkRi.csv
  $ cat users_y1KGkRi.csv | cut -d "," -f 1 | sort | uniq | wc -l
  444218

  $ head -n 1 restaurants_KmHZSPi.csv 
  "name","foreign_name","phone_number","commission_rate","address_1","address_2","city","state","zip_code"
  $ wc -l restaurants_KmHZSPi.csv
    4301 restaurants_KmHZSPi.csv

6 comments

H12|5 years ago

I got a similar email and contacted Chowbus about it. Here was their reply:

Thank you for bringing this to our attention. As soon as we became aware of this incident, our security team quickly took steps to secure our systems, including our customers’ account information. The link from the email is already disabled. Your credit card information does not exist in our systems. Any credit card information and transaction is processed by Stripe, a secure 3rd party payment processor. We are confident your credit card information is safe.

jka|5 years ago

Although you might have done already, it'd be worth contacting Chowbus to report this. There's an email contact in the footer of their homepage; I couldn't initially find a security-related contact address, but they may have one too.

FandangoRanger|5 years ago

I used to be a person but then I became a consumer and now I've become a row.

iordachej|5 years ago

Hey fellow. Row 54 here

unknown|5 years ago

[deleted]

rvz|5 years ago

Complete disaster.

0009427807|5 years ago

Jarvis

amp5634|5 years ago

[deleted]

amp5634|5 years ago

[deleted]

username_xd|5 years ago

[deleted]