Grocery delivery platform data leaked, hackers claim

Published: 20 October 2025
Last updated: 20 October 2025
Getir delivery platform mobile device

Getir, a major grocery delivery platform, has allegedly had its data leaked. Attackers claim to have accessed the company’s intranet, but Cybernews researchers are skeptical.

A post announcing the supposed data breach was uploaded to a popular data leak forum, which ransomware groups use to trade in stolen information. According to the attackers, they “hacked” Getir’s intranet system.

Getir is a Turkish delivery platform that’s valued at around $2 billion. While the platform is best recognized on its home turf in Turkey, the company is also available in selected areas in the US.

ADVERTISEMENT

We have reached out to Getir for comment and will update the article once we receive a reply.

Getir data leak forum post
Attackers' post on the data leak forum. Image by Cybernews.

Meanwhile, the Cybernews research team investigated the data samples that the attackers provided. The team believes the supposedly stolen data is a dump of metadata of internal Getir applications, including:

  • Bitbucket repository URLs
  • User permissions
  • Project names
  • Workspace IDs
  • Employee email addresses

The data sample points to sensitive user data slipping through attackers' fingers. Moreover, the team believes that attackers likely did not access the company’s systems and obtained the data via a third-party service provider.

However, the leaked data could still negatively impact Getir’s operations. For one, attackers could use it to carry out social engineering attacks against the company’s employees. A successful campaign could result in deeper access to the company’s systems.

“Meanwhile, the exposed repository URLs & workspace IDs make it easier for attackers to look for unprotected endpoints or other accidental misconfigurations within a project,” our researchers explained.

In other words, malicious actors could use the data to target employees as well as look for discrepancies in Getir’s systems to craft future attacks, leading to source code access or worse.

ADVERTISEMENT
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

Getir is hardly the first delivery platform to deal with data theft. Earlier this year, we wrote about GonnaOrder, a European-based food delivery platform that inadvertently exposed real-time order information.

And in April 2025, an attacker group claimed it had accessed a whopping 70 million lines of data from GrubHub, an American online food delivery platform.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT