Weee! Customers Have Their Delivery Information Leaked Online
Table of Contents
- By Steven
- Published: Feb 23, 2023
- Last Updated: Mar 30, 2025
Weee! is a popular online grocery delivery service that specializes in Asian and Hispanic food products. This service is an app-based product that allows individuals to have food sent to their homes or workplace. Unfortunately, the service was recently hacked, and delivery information has been leaked to the public online.
How Did the Attack Occur?
A hacker network broke into Weee! databases and gained access to delivery logs for millions of orders. With more than 2.6 million downloads for the delivery app, it's likely that customers around the country were impacted by this data breach. The information gathered from the delivery logs has been posted online for anyone to access. If you're concerned about your information being disclosed to online parties, you may have to take steps to protect yourself, though the personal information disclosed in this attack is minimal.
What Information Was Viewed or Stolen?
Any customers that put in orders between July 12, 2021, and July 12, 2022, may have had their personal information intercepted. This information includes full names, email addresses, order comments, phone numbers, order numbers, and more. According to the forensic investigators, it doesn't seem likely that financial information was successfully gathered in this breach. That means the risk of serious problems from the cyber attack isn't significant.
How Did Weee! Admit to the Breach?
Originally, the attackers put up a database containing the information for more than 11 million Weee! Customers. A spokesperson from the company admitted to the breach to Cybernews first and went on to send out individual letters informing any customers known to be impacted by the attack. Weee! Goes on to say that it doesn't hold onto financial data for its customers, so that information could not have been taken in the attack. Weee! is making public announcements about the attack, but you have nothing to worry about until you receive a notice from the company that informs you your information was shared online. Once that happens, you should prepare for any problems that will come from your information being out there online.
What Will Become of the Stolen Information?
Since the Weee! Customer information was already put up online; it will be gathered by people around the internet and used in any way possible. Without access to Social Security numbers or financial account information, it's unlikely that too much damage can be done by the attackers.
What Should Affected Parties Do in the Aftermath of the Breach?
The attackers may be able to obtain codes to enter gated communities and secure buildings using delivery instructions gleaned from the attack. Anyone that provided information leading to the entry of their building is recommended to change any codes they can and take steps to secure their residence.
Other than giving away lock codes, there isn't too much risk caused by attackers having locations, names, and phone numbers. Victims may want to take steps to change their phone numbers or monitor their accounts for strange activity, but the potential issues are limited in their scope.
