Personal data such as email addresses, names, phone numbers, home addresses and order histories of users were exposed.
As per a website haveibeenpwned (HIBP), the food-tech startup FreshMenu has suffered a data breach in 2016 that exposed personal data of around 1,10,000 customers. Personal data such as email addresses, names, phone numbers, home addresses and order histories of users were exposed.
The company told that it knew about the data breach but chose not to inform the affected users.
HIBP is a platform which maintains a database of data breaches. It lets internet users check if their personal information has been compromised by data breaches. The platform was created by Troy Hunt, who is also a regional director at Microsoft.
Rashmi Daga, Founder of FreshMenu, said, "Trust is integral to the relationship we share with you and we regret the event that led to this trust being compromised. In that moment, we believed that the since the breach was limited, we would focus on resolving the vulnerability and making sure that no further breaches happen."
"The stolen information comprised of names, email-ids and phone numbers. At no point during this time was information such as user passwords or payment related information, breached. We have always worked with secure payment partners to store payment information in PCI DSS compliant systems on their side and that is absolutely safe. Regardless, it is clear in hindsight that we could have communicated this information to our users at that time," Daga clarified.