Skip to main content

Has Just Eat been breached? Customers report phishing scams

A software developer from Belfast has warned that online takeaway service Just Eat might have suffered a data breach.

According to a BBC report, a number of registered Just Eat users have received a phishing email scam that is not from the company, but includes their information.

Among those who had received this email is a software developer from Belfast, Andy Pugh.

"This is an address and a telephone number that I've never put anywhere," he said. "It was never on the electoral roll, I was actually only in the address for about a year. So, to me, there was no way that this information could have come from anywhere else apart from a data breach with Just Eat."

Just Eat said it was aware of a particularly sophisticated phishing attack.

In the attack, the email asks the unsuspecting victim to fill out a survey, and promises £10 in return. To do this, the victim is directed to a website which looks exactly like the Just Eat site. First it asks for the login credentials, and after the survey is complete, asks for bank details in order to transfer the £10 reward.

Mr Pugh said he was so convinced by the authenticity of this email that he did not realise it was a scam until he got to the final stage. He asked Just Eat to warn its customers about the scam.

"It wouldn't take them more than two minutes to put out a Facebook post and a tweet essentially just saying 'here's the scam, it's happening' and sending a screenshot of the email, and at least that way people would be aware."