Sensitive Data Compromised in Breach for 1+ Million Customers Using Food Delivery Service
Weee! is a food delivery service headquartered in Fremont, California. The company delivers food across 48 states and claims to be the largest Asian and Hispanic food delivery service in North America. Weee! has more than 1,500 employees and is valued at over $4 billion. The company announced on its website that it suffered a data breach in February of 2023 that compromised the information of customers who placed an order with them between July 12, 2021, and July 12, 2022. The exposed information included name, address, email address, phone number and order number. Other data included the device type used to place the order and delivery notes provided by customers, such as access codes needed to enter residential buildings and businesses. Weee! has made it clear that no financial information was accessed in the attack, as this information does not reside within the compromised database.
IDENTIFY INDICATORS OF COMPROMISE (IOC)
On February 6, 2023, a threat actor named IntelBroker began leaking data exfiltrated from Weee! on a hacking and data breach forum site. Weee! was then contacted, and the company confirmed to BleepingComputer that the posted customer information was real and that a breach had occurred. While more than 11 million order records were stolen in the breach, there were only 1.1 million unique email addresses, meaning many of the orders were placed by the same customers during that time frame.
CONTAINMENT (If IoCs are identified)
Weee! has stated that it is reviewing the security measures it has in place, and that customers whose information was compromised will be contacted individually. No additional information is available at present.
We can only speculate how the threat actors were able to infiltrate the Weee! network and access information from their database. Some of the possible attack methodologies include the following:
There are many attack avenues that can be used in a data breach. That’s why it is so important to conduct a security risk assessment of your organization to determine what those potential vulnerabilities are and what critical assets may be exposed to them. Only then can you create a comprehensive cybersecurity strategy that will fulfill your duty of care to protect the sensitive data of other parties. Let’s discuss how you can establish reasonable security to address your changing risk landscape.