speedx data leak van — Image by Cybernews.

Listen to this article

SpeedX, a US-based last-mile delivery company, has leaked a massive amount of sensitive customer data. Over 840 million leaked records include customers’ full names, home addresses, parcel photos, and drivers’ sensitive information, potentially making this one of the largest delivery data leaks ever uncovered.

SpeedX exposed over 840M delivery files including customer addresses, parcel photos, and driver's license images online.
SpeedX claims no unauthorized access occurred, calling it a configuration issue rather than a data breach incident.
The March 2026 data leak contained 618 million parcel photos revealing what was delivered to specific home addresses.
The breach potentially enables large-scale fraud and social engineering attacks targeting SpeedX customers and delivery drivers nationwide.

Key Takeaways by nexos.ai, reviewed by Cybernews staff.

The American last-mile parcel company, SpeedX, spilled hundreds of millions of records online, revealing personal data of numerous US residents, the Cybernews research team discovered in March of this year.

The exposed file storage contained the type of information one would expect from a parcel delivery service, ranging from receiver home addresses to photos confirming that the parcel reached the recipient. SpeedX drivers weren’t spared, either, as the team also found driver’s license photos in the exposed data stash.

Our research team explained that the data leak reveals the massive scale of unprotected records and increases the risk of fraud, social engineering, and identity theft for customers and drivers alike.

speedx data leak7 — File counts in the Azure bucket based on prefixes. Image by Cybernews.

“Additionally, files related to parcel information paint a clear picture of how the company operates from the inside, allowing malicious actors to craft more targeted attacks and operational disruptions across the supply chain,” they said.

SpeedX is a so-called last-mile delivery operator that transports parcels from distribution hubs to customer doors. According to SpeedX, they handle millions of daily deliveries for Shein, Temu, Amazon, TikTok Shop, and others.

What does SpeedX say?

According to the company, a SpeedX review of the Azure Blob configuration and associated access logs did reveal “limited container metadata responses were possible,” the company did not observe any malicious activity.

“While we confirmed that limited container metadata responses were possible under the prior configuration, our investigation has identified no evidence of unauthorized access to sensitive customer data, no indication of data exfiltration, and no evidence of a security compromise affecting customer systems or accounts,” SpeedX representative explained.

SpeedX also claims that the company assesses the problem as a storage configuration issue and not a data breach.

Don't miss our latest stories on Google News. Add us as your Preferred Source on Google

“Access to objects still required knowledge of specific object paths and was not equivalent to unrestricted public access to protected customer information,” the company said.

However, our researchers claim that all it took for anyone to access over 840M SpeedX files, was to know the name of the bucket. The team is sure that no specific information on object paths was necessary to access the leaked data.

What’s included in the SpeedX data leak?

Our researchers discovered the exposed SpeedX Microsoft Azure storage bucket on March 13th, 2026. The mammoth dataset includes hundreds of millions of records related to parcel deliveries, exposing the company's digital delivery infrastructure.

The SpeedX data leak revealed numerous data points, including:

Receiver's full names and home addresses
Shipping labels
Photos of people’s homes where the parcel was delivered
Delivery drivers’ licenses
SpeedX app credentials
Other delivery-related data

The exposed Azure bucket contained 11 prefixes, organizational groupings used to structure files within cloud storage. The number of files with specific prefixes ranges from several to nearly 620 million.

speedx data leak1 — Leaking recipient PII in a parcel batch report. Image by Cybvernews.

The largest one, with 618 million files, contained mostly photos with parcels and shipping labels, revealing what was delivered to whom. The photos reveal typical information about the parcel and its receiver.

Another massive prefix, with over 220 million records, contained PDF files with shipping labels that reference different transit stages that parcels went through. Some labels displayed final destination data, which included receiver names and addresses, while others referenced in-transit facilities.

The team also noted that some of the shipping labels in this directory belong to Raven Force Couriers, a Canadian delivery company. This company could be a partner of SpeedX. While the Raven Force Couriers are not listed among SpeedX partners, SpeedX does indicate they provide cross-border services.

speedx data leak2 — Leaked parcel photo. Image by Cybernews.

speedx data leak3 — Leaked shipping labels. Image by Cybernews.

speedx data leak4 — Leaked shipping labels. Image by Cybernews.

Another 3.8 million records revealed reports on delivered parcel batches and shipment summary documents that expose parcel tracking numbers, processing facility addresses, retailer information, and parcel recipients' personal information.

Our researchers also discovered details that SpeedX drivers submitted to the company systems. One prefix, with nearly 105K records, contained numerous photos of driver’s licenses as well as screenshots of SpeedX app credentials, and other screenshots.

While we can’t be 100% sure, it’s likely information SpeedX drivers submit to confirm they’re eligible to work for the company.

Additionally, over 117K records included various application log files, stored on the exposed Azure bucket.

speedx data leak5 — Leaked photo of a driver’s license. Image by Cybernews.

speedx data leak6 — Leaked screeenshot of a SpeedX app credentials. Image by Cybernews.

Our research team disclosed the data leak to SpeedX, and the company fixed the issue. Moreover, our team did not observe malicious exploitation of the leaked information.

However, if our researchers discovered the leak online, others may have also. The web is infested with automated crawlers, specifically designed to prowl the net for exposed datasets and automatically download them.

Why is the SpeedX data leak dangerous?

Delivery-related data leaks are nothing new. We have covered several delivery platforms leaking data, including at least three cases in 2025 alone: Getir, GonnaOrder, and Hipshipper. However, the SpeedX data leak is a serious contender to be the largest we have ever seen.

Meanwhile, with over 840 million records in their possession, attackers could mount large-scale automated attacks targeting numerous individuals at once. In cyberscrime, scale pays off, as it takes only a few victims to make the whole operation profitable for perpetrators.

Check if your data has been leaked

Find out if your email, phone number or related personal information might have fallen into the wrong hands.

18,611,353,922

Breached accounts

36,030

Breached websites

For example, threat actors could develop highly convincing scams that target victims through delivery-related communication. Messages and emails asking users to confirm package details and update delivery addresses could lead victims to download malware.

Threat actors could also use the data to enrich information obtained from other data leaks. Malicious actors build up large databases with detailed user profiles that are later sold online.

To avoid similar issues in the future, the team advises businesses to:

Implement access control so that only authorized users can access the storage bucket and files in it
Implement access logging in order to detect potentially unauthorized access
Categorize files into different cloud instances for easier access control management, depending on file sensitivity