A popular food delivery app called FoodPapa faces serious trouble after someone leaks a massive database on a well-known cybercrime forum. The breach exposes private details of both customers and delivery riders. These include names, phone numbers, email addresses, profile photos and even passwords. Moreover, the leak includes authentication tokens, wallet balances, loyalty points and referral codes that could put thousands of users at risk.
Hack Exposes Full Personal Records of Riders and Customers
The threat actor, who goes by the name โpenguinbrew,โ claims the company left a backup database exposed online. This database, dated February 1, 2026, measures 1.5 gigabytes when uncompressed. It holds full records for users as well as delivery personnel. These include identity numbers, signatures, vehicle details, earnings and even reasons for termination.
In addition, ridersโ home addresses and fathersโ names appear in the files. This raises fresh worries about identity theft and physical safety.
FoodPapa Stays Silent on the Alleged Breach
However, the company has not responded so far. As a result, it remains unclear how the hacker gained access or whether the firm has taken any steps to fix the problem.
Users now wonder if their information is safe or if more leaks will follow. Security experts urge everyone who uses the app to change passwords immediately and watch their accounts closely for suspicious activity.
