Freshmenu got hacked in July 2016 but decided not to inform their customers

Sushubh · Sep 10, 2018

In July 2016, the India-based food delivery service FreshMenu suffered a data breach. The incident exposed the personal data of over 110k customers and included their names, email addresses, phone numbers, home addresses and order histories. When advised of the incident, FreshMenu acknowledged being already aware of the breach but stated they had decided not to notify impacted customers.

Have I Been Pwned: Pwned websites

Jay · Sep 11, 2018

@Sushubh Did you check for your email? Mine isn't listed in the hibp website and I can't find anything in the publicly available dumps either. Not sure what that means.

Deleted member 13033 · Sep 11, 2018

Even if these newbie co. are not hacked, highly doubt their server is any mkrr secure than any other well know sites out there.

And sites like Lybate, wellnesspathcare etc. seems sell of customer info to make few extra bucks, I kept getting calls and sms from labs etc for at least one year after I registered on these sites.

Jay · Sep 11, 2018

No doubt. As a precaution, I recently completely overhauled my digital presence by replacing all emails on sites where I had to register with non identifying emails. The problem is that most of them don't delete the earlier email address and passwords they have on file and when a breach happens they get leaked too.

Jay · Sep 11, 2018

I just went back and found the welcome email from freshmenu.

Plain text password as suspected. 😒

Navjot Singh · Sep 12, 2018

Freshmenu's response: Fresh food online. Order Tasty food from FreshMenu.

dextermorgan · Sep 12, 2018

fucking zomato leaked my email and now this

Freshmenu got hacked in July 2016 but decided not to inform their customers

Sushubh

Admin

Jay

Deleted member 13033

Jay

Jay

Navjot Singh

Admin

dextermorgan