The Weee! Asian and Hispanic food delivery service suffered a data breach exposing the personal information of 1.1 million customers.

A threat actor named ‘IntelBroker’ began leaking the data for Weee! on the Breached hacking and data breach forum.

According to the forum post, “In February 2023, a database of 11 million customers belonging to the Sayweee was stolen by hackers.”

Source: Bleepingcomputer

The leaked database contains Weee! customers’ first and last names, email addresses, phone numbers, device type (iOS/PC/Android), order notes, and other data the delivery platform uses.

Buy Me A Coffee

“We recently became aware of a data breach that has affected some customer information,” reads the complete statement from Weee!.

“We can confirm that no customer payment data was exposed as Weee!, does not retain any customer payment information in our databases. For customers that placed an order between July 12, 2021 and July 12, 2022, information such as name, address, email addresses, phone number, order number and order comments may have been impacted.”

“We have notified all customers of the issue and will be notifiying all impacted customers individually if their information was exposed.”

“Security is a top priority for us and we are undertaking a thorough review to ensure we continue to deliver on the trust the Weee! Community places in us.”

The company confirmed to BleepingComputer that customer information was stolen in the data breach.

CERT-In Finds Multiple Bugs in Node.js that Can Be Used to Obtain Sensitive Info