Woflow Data Breach: 447K Records Dumped by ShinyHunters

Have I Been Pwned just loaded the Woflow breach into its index this week. 447,000 accounts, 2 terabytes of files dumped publicly back in March after the company didn't pay ShinyHunters' ransom. Woflow is an AI-driven merchant-data platform. They structure menus, product catalogs, and store info for DoorDash, Uber, Walmart, Square, and Deliveroo — meaning they sit between those big-name platforms and the small businesses that get listed on them. Per Have I Been Pwned, the indexed records appear to span Woflow's direct customers and people one layer downstream, the merchants and consumers those customers serve. Names, emails, phones, and home addresses across all of it. Across this run of breaches, ShinyHunters' playbook has been the same: a help-desk phone scam where operators call corporate support, talk an employee into approving a malicious third-party app inside the company's Salesforce, and that approval hands the attacker an access token wide enough to bulk-export the customer database. Whether Woflow was hit that exact way is still unconfirmed. Woflow has not, as of recording, publicly acknowledged the breach. Sources: https://haveibeenpwned.com/Breach/Woflow https://cybernews.com/security/shinyhunters-claims-woflow-data-breach/ https://appomni.com/blog/shinyhunters-woflow-breach-claim-saas-supply-chain-security-risks/ https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday. #cybersecurity #databreach #shinyhunters