Grocery delivery platform Weee! confirms data breach

Updated on: 08 February 2023

Vilius Petkauskas
Deputy Editor

Image by Weee!

US-based grocery delivery platform Weee! said it would individually contact customers impacted by the data breach.

Attackers posted a database with information on 11 million Weee! customers on a popular hacker forum earlier this February, exposing delivery-related sensitive information.

The company’s spokesperson told Cybernews that Weee! is aware a data breach affected some of its customers. The online grocery delivery platform said it does not retain any payment details, and the breach did not impact user financial data.

“For customers that placed an order between July 12, 2021 and July 12, 2022, information such as name, address, email addresses, phone number, order number, and order comments may have been impacted,” the company’s representative said.

Weee leak — Threat actor announcing the leak. Image by Cybernews.

The Cybernews research team confirmed that the leak appeared to be composed of data that didn’t appear in previous leaks. Some of the leaked logs included delivery notes that Weee! customers left for couriers, such as codes to enter residential or office buildings.

“We have notified all customers of the issue and will be notifying all impacted customers individually if their information was exposed,” Weee!’s spokesperson explained.

Weee! is an online grocery delivery platform specializing in Hispanic and Asian foods. The delivery platform operates throughout most of the United States.

The company boasts its delivery app was downloaded over 2.6 million times. According to data on the Google Play store, Weee! Asian Grocery Delivery app has been downloaded over 500k times.