Security Incident Update

HungerRush is aware of a security incident that has impacted some of our client base. We are actively investigating and coordinating with the appropriate authorities on this matter.

Our teams are working quickly to understand the scope of the incident, address the issue, and implement any necessary remediation. Protecting our clients and their customers’ data is a top priority, and we are treating this matter with the utmost urgency.

Based on our investigation to date, we have not identified evidence that payment information or government identification numbers, such as credit card numbers or Social Security numbers, were accessed.

What should customers do?

If you received a suspicious email related to this incident, please do not respond to the sender or engage with the message.

If you have questions or would like to report an email you received, please contact our team at [email protected], which is being actively monitored.

Update

Wed. March 4, 5pm

Since becoming aware of the security incident, HungerRush has been actively investigating to understand the scope and cause of the situation.

Based on our investigation to date, we have determined that late Monday, March 2nd, compromised credentials associated with a third-party vendor working with the company were used to gain unauthorized access to the email marketing service.

As a result, certain customer contact information (including names, email addresses, mailing addresses, and phone numbers) was accessed and used to send unauthorized email messages to certain merchants and consumers.

At this time, our investigation has not identified evidence that sensitive personal or financial information (such as passwords, dates of birth, Social Security numbers, or payment card information) was accessed or compromised. HungerRush does not store any credit card data within our systems. Our investigation has also not identified evidence that other HungerRush systems were compromised, and the activity appears to have been limited to the email marketing service.

We continue to investigate, but at this time have not identified evidence of compromise affecting our ordering platform, payment infrastructure, or other production systems.

As a precautionary measure, we disabled access to the affected email service to prevent any additional unauthorized messages from being sent while the investigation continues.

As a reminder, if you received a suspicious email related to this incident, please do not respond to the sender. If you have any questions or would like to report an email you received, please direct inquiries to [email protected], where our team is actively monitoring and responding.

We will continue to provide updates as more information becomes available.