A cybercriminal exposes Weee’s sensitive data! customers in an underground forum that could be used for identity theft.
BleepingComputer reported that earlier this week, a cybercriminal going by the alias “IntelBroker” accessed the Breached hacking forum and posted a thread claiming that “a database of 11 million customers owned by Saywee” was leaking.
The database was allegedly stolen this month and contains a lot of sensitive information such as names, email addresses, phone numbers, the type of endpoint used to interact with the platform (PC, Android or iOS), order notes as well as other platform-specific data.
Payment details have not been disclosed
The company later confirmed the data theft to the media, while researchers argued that the number of people affected was not as large as advertised in a forum thread.
Speaking to BleepingComputer, the company said: “We recently became aware of a data breach that affected some customer information. We can confirm that no customer payment details have been released as Weee! does not store any customer payment information in our databases.”
“For customers who placed an order between July 12, 2021 and July 12, 2022, information such as name, address, email addresses, phone number, order number, and order comments may have been affected.” the company said on its website.
“We have notified all customers of the issue and will individually notify all affected customers if their information is released.”
At the same time, Troy Hunt of Have I Been Pwned, a website that tracks infected email addresses, claims that the database actually contains 1.1 million unique email addresses, not 11. The remaining 9.9 million are most likely duplicates.
Weee! is a North American Asian and Hispanic grocery store that claims to be the largest of its kind in the country. It supplies food to 48 US states and has warehouses nationwide.
By: Beeping Computer (opens in a new tab)