A hacker used an old administrator password to break into the computer network of Spain’s fast delivery company Glovo.
The firm said today(May 4) that the hack happened last week and the intruder was quickly ‘booted out’ as soon as he was detected.
He posted proof of his activities with a video on the so-called ‘ dark web’.
A Glovo spokesman said: “We can confirm that no access was gained to customer’s card details as Glovo does not save or store such information.”
The company did not state how long the hacker was in the system.
Glovo have contacted Spain’s data protection authority, the AEPD, to report the incident.
A cyber security firm called Hold Security discovered the breach when they saw the hacker’s videos on the ‘dark web’ showing off access to Glovo computers.
Forbes magazine say that Hold Security told them that ‘the hacker was selling login details for customer and courier accounts with the ability to change the password’.
Glovo started trading from its Barcelona base in 2015 with food deliveries being their most popular offering via a phone app booking service.
It’s expanded its operations to 22 countries and has been boosted by sales increases during the coronavirus pandemic.
Last month Glovo raised €450 million in additional funding to increase the growth of the company.