EatStreet
Company Details
Linkedin ID:
eatstreet
Website:
Employees number:
186
Number of followers:
4,595
NAICS:
513
Industry Type:
Homepage:
eatstreet.com
IP Addresses:
0
Company ID:
EAT_2585349
Scan Status:
In-progress
EatStreet Company CyberSecurity Posture
eatstreet.com
Invented in 2010 by three undergrad juniors in between midterms and term papers, EatStreet was built to be the smartest shortcut to the food you crave. Based in Madison, WI, EatStreet is the largest independent food ordering service in the United States offering food delivery and takeout from over 15,000 restaurants in over 250 cities. Hungry for more details? Visit eatstreet.com!
EatStreet A.I CyberSecurity Scoring
EatStreet Risk Score (AI oriented)Between 700 and 749
EatStreet
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EatStreet Global Score (TPRM)XXXX
EatStreet
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EatStreet Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
EatStreet
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: EatStreet food ordering service discloses security breach on June 2019 and during which a hacker stole the company's database complete with customer and partner details. It was found that responsible for this breach is Gnosticplayers, a hacker who previously breached many other online services. At the time, the hacker only boasted about breaching EatStreet but did not provide any evidence of the hack. The compromised information includes names, phone numbers, email addresses, bank accounts, and routing numbers for restaurants and delivery services.
EatStreet, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Attorney General reported a data breach involving EatStreet, Inc. on June 14, 2019. The breach occurred on May 3, 2019, when an unauthorized third party accessed the database, potentially compromising names, contact information, and payment card details of delivery partners and diners.
EatStreet Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EatStreet
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for EatStreet in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for EatStreet in 2025.
Incident Types EatStreet vs Technology, Information and Internet Industry Avg (This Year)
No incidents recorded for EatStreet in 2025.
Incident History — EatStreet (X = Date, Y = Severity)
EatStreet cyber incidents detection timeline including parent company and subsidiaries
EatStreet Company Subsidiaries
Invented in 2010 by three undergrad juniors in between midterms and term papers, EatStreet was built to be the smartest shortcut to the food you crave. Based in Madison, WI, EatStreet is the largest independent food ordering service in the United States offering food delivery and takeout from over 15,000 restaurants in over 250 cities. Hungry for more details? Visit eatstreet.com!
Loading...
EatStreet Similar Companies
Times Internet
At Times Internet, we create premium digital products that simplify and enhance the lives of millions. As India’s largest digital products company, we have a significant presence across a wide range of categories, including News, Sports, Fintech, and Enterprise solutions. Our portfolio features mar
The Death Star
The mission of the Death Star is to keep the local systems "in line". As we have recently dissolved our Board of Directors, there is little resistance to our larger goal of universal domination. Our Stormtroopers are excellent shots and operate with our Navy, and are fielded like marines - sep
Sohu.com Inc. (NASDAQ: SOHU) is China's premier online brand and indispensable to the daily life of millions of Chinese, providing a network of web properties and community based/web 2.0 products which offer the vast Sohu user community a broad array of choices regarding information, entertainment a
Binance
Binance is the world’s leading blockchain ecosystem and cryptocurrency infrastructure provider with a product suite that includes the world's largest digital asset exchange and much more. Trusted by over 200 millions of users worldwide, the Binance platform is dedicated to increasing the freedom of
OYO is a global platform that aims to empower entrepreneurs and small businesses with hotels and homes by providing full-stack technology products and services that aims to increase revenue and ease operations; bringing easy-to-book, affordable, and trusted accommodation to customers around the worl
Meesho is India’s fastest growing internet commerce company. We want to make eCommerce accessible to all. Our vision is to enable 100 million small businesses in India, including individual entrepreneurs, to succeed online. Our mission is to democratise internet commerce by bringing a range of produ
Zomato’s mission statement is “better food for more people.” Since our inception in 2010, we have grown tremendously, both in scope and scale - and emerged as India’s most trusted brand during the pandemic, along with being one of the largest hyperlocal delivery networks in the country. Today, Zoma
Independiente / Freelance
La etimología de la palabra deriva del término medieval inglés usado para un mercenario (free-independiente o lance-lanza), es decir, un caballero que no servía a ningún señor en concreto y cuyos servicios podían ser alquilados por cualquiera. El término fue acuñado inicialmente por Sir Walter Scot
Arrow Electronics
Arrow Electronics (NYSE:ARW) guides innovation forward for thousands of leading technology manufacturers and service providers. With 2024 sales of $27.9 billion, Arrow develops technology solutions that help improve business and daily life. Our broad portfolio that spans the entire technology lands
.png)
EatStreet CyberSecurity News
November 14, 2017 05:39 PM
EatStreet
EatStreet's Matt Howard and Alex Wyler, along with a third cofounder, met in their freshman year at the University of Wisconsin, Madison and launched its...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EatStreet CyberSecurity History Information
Official Website of EatStreet
The official website of EatStreet is http://eatstreet.com.
EatStreet’s AI-Generated Cybersecurity Score
According to Rankiteo, EatStreet’s AI-generated cybersecurity score is 730, reflecting their Moderate security posture.
How many security badges does EatStreet’ have ?
According to Rankiteo, EatStreet currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does EatStreet have SOC 2 Type 1 certification ?
According to Rankiteo, EatStreet is not certified under SOC 2 Type 1.
Does EatStreet have SOC 2 Type 2 certification ?
According to Rankiteo, EatStreet does not hold a SOC 2 Type 2 certification.
Does EatStreet comply with GDPR ?
According to Rankiteo, EatStreet is not listed as GDPR compliant.
Does EatStreet have PCI DSS certification ?
According to Rankiteo, EatStreet does not currently maintain PCI DSS compliance.
Does EatStreet comply with HIPAA ?
According to Rankiteo, EatStreet is not compliant with HIPAA regulations.
Does EatStreet have ISO 27001 certification ?
According to Rankiteo,EatStreet is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of EatStreet
EatStreet operates primarily in the Technology, Information and Internet industry.
Number of Employees at EatStreet
EatStreet employs approximately 186 people worldwide.
Subsidiaries Owned by EatStreet
EatStreet presently has no subsidiaries across any sectors.
EatStreet’s LinkedIn Followers
EatStreet’s official LinkedIn profile has approximately 4,595 followers.
NAICS Classification of EatStreet
EatStreet is classified under the NAICS code 513, which corresponds to Others.
EatStreet’s Presence on Crunchbase
Yes, EatStreet has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/eatstreet.
EatStreet’s Presence on LinkedIn
Yes, EatStreet maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/eatstreet.
Cybersecurity Incidents Involving EatStreet
As of December 04, 2025, Rankiteo reports that EatStreet has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
EatStreet has an estimated 12,852 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at EatStreet ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: EatStreet Security Breach
Description: EatStreet food ordering service discloses security breach on June 2019 during which a hacker stole the company's database complete with customer and partner details.
Date Publicly Disclosed: June 2019
Type: Data Breach
Threat Actor: Gnosticplayers
Motivation: Unspecified
Title: EatStreet Data Breach
Description: The California Attorney General reported a data breach involving EatStreet, Inc. on June 14, 2019. The breach occurred on May 3, 2019, when an unauthorized third party accessed the database, potentially compromising names, contact information, and payment card details of delivery partners and diners.
Date Detected: 2019-06-14
Date Publicly Disclosed: 2019-06-14
Type: Data Breach
Attack Vector: Unauthorized Access
Threat Actor: Unauthorized Third Party
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach EAT23126323
Data Compromised: Names, Phone numbers, Email addresses, Bank accounts, Routing numbers
Incident : Data Breach EAT058080525
Data Compromised: Names, Contact information, Payment card details
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Phone Numbers, Email Addresses, Bank Accounts, Routing Numbers, , Names, Contact Information, Payment Card Details and .
Which entities were affected by each incident ?
Incident : Data Breach EAT23126323
Entity Name: EatStreet
Entity Type: Food Ordering Service
Industry: Food and Beverage
Incident : Data Breach EAT058080525
Entity Name: EatStreet, Inc.
Entity Type: Company
Industry: Food Delivery
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach EAT23126323
Type of Data Compromised: Names, Phone numbers, Email addresses, Bank accounts, Routing numbers
Incident : Data Breach EAT058080525
Type of Data Compromised: Names, Contact information, Payment card details
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Attorney GeneralDate Accessed: 2019-06-14.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Gnosticplayers and Unauthorized Third Party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2019-06-14.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2019-06-14.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, phone numbers, email addresses, bank accounts, routing numbers, , Names, Contact Information, Payment Card Details and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Payment Card Details, names, routing numbers, bank accounts, Names, Contact Information, email addresses and phone numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
Risk Information
cvss3
Base: 6.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Description
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
Description
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Description
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Risk Information
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=eatstreet' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
