Foodmandu, a Kathmandu based food delivery service has been hacked. The compromised data includes all the personal details including latitude, longitude, address, and email of around 150,000 users of Foodmandu, while 50,000 users’ details have been filtered and posted publicly in GitHub.
A Twitter handle, that goes by the name of Mr. Mugger, recently posted a tweet disclosing how the company neglects the security vulnerability.
Well, regarding the data breach, there could be several reasons, which we are still unsure about. Regardless of the loophole, the data of almost 150,000 users being comprised is a serious issue for the company. It’s also worrisome not just for the Foodmandu users but to anyone who has been using such service demanding personal data.
Moreover, cybersecurity has become the must look after subject in Nepal with increasing interest among internet users and companies that work based on data, which is almost everyone in the industry.
We reached Foodmandu regarding this issue and they said they are looking on to fixing it. We’ll keep you updated regarding this, stay tuned.
Update [2020/03/08 | 17:00]: The company has followed up with us on this issue and said the password, as well as the database, are safe as the hacker extracted certain users’ data through the web.
Update [2020/03/08 | 17:24]: The company has posted an official statement. You can see it below.