Foodmandu, an online food delivering platform thatbwas currently supplying food inside Kathmandu valley and Lalitpur faced a massive data breach on March-8, 2020. This cyber attack caused the loss of their sensitive information of about 50K users.
The attack was performed by a hacker named Mr. Mugger on his twitter account. The hack which he had performed has caused the loss of information of 50K users which include their name, phone, address and email address. Moreover, a link related to the hacked data has been published.The hacker tweeted that the data was beautiful. According to the hacker, the company has loop hole in their web application but they took the vulnerability too lightly which made it easier for him to hack the system and leak the data.
Hacker states in his tweet, “Foodmandu 50K User Details Dump. So here it is, imma be real I am tired of how they neglect the security vulns. The Database consists of more than 150K User’s Personal Details, Latitude -Longitude, Address, and email. However, the demo is filtered.”
Foodmandu has officially announced that tbey encountered a data breach by a hacker that ultimately lead to the loss of tbeir costumer data, in their tweet which they tweeted at 1:40pm.
They stated that they are working with cyber crime department of Government to catch the hacker and soon after that they will take down the data that has been uploaded publicly.
More ever you can also predict that the hacker has got access to the several systems of the company more than he has published. The hacker may not have published all the information publicly. He may have got access to more than users name, address, email. He may have also got access to the users secrete bank account, which is almost very tough as the site has SSL encryption,but we can’t underestimate someone who has just hacked such a bi website and even published it locally without any fear.
If we go accordingly to Mr. Manohar Adhikari, a founder of Foodmandu, the hacker has not gotbaccess to the users password as they have been encrypted. Even their server and database are safe at the time. The company has also sent take down requests to the several authorities where the data has been autoloaded.
Let’s stay together by the side of Foodmandu on this hard time and pray for them. 😊😇