If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer names, email addresses, telephone numbers, and partial payment information for a subset of campus diners.

GrubHub’s response states, “The unauthorized party also accessed hashed passwords for certain legacy systems, and we proactively rotated any passwords that we believed might have been at risk. While the threat actor did not access any passwords associated with Grubhub Marketplace accounts, as always, we encourage customers to use unique passwords to minimize risk.”

If you are a GrubHub customer, you may want to change your password and ensure it is unique to that platform.