Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

HungerRush claimed customer data exposure

Data Leak
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

A threat actor claimed HungerRush customer records were exposed, creating extortion risk for millions of customers and their personal and payment data. The claim surfaced in early Wednesday morning emails sent to restaurant patrons, which warned that the information could be misused if the company did not respond. The alleged dataset includes names, emails, passwords, addresses, phone numbers, dates of birth, and credit card information. The exposure remains unconfirmed, but the messages are explicit about the claimed leak and the sensitivity of the data.

Related Happenings

HungerRush extortion email campaign targeting restaurant patrons

Campaign
First: 04.03.2026 20:44 Last: 04.03.2026 20:44 Sources 1

How related: The attacker started sending the emails early Wednesday morning, with multiple recipients sharing samples with BleepingComputer.

About this happening: A **HungerRush** extortion email operation started reaching **restaurant patrons** early Wednesday morning, raising the risk that **restaurant and customer data** could be exposed...

Open Happening

Timeline

  1. 04.03.2026 20:44 1 articles · 2mo ago

    HungerRush extortion emails claim customer data exposure

    Initial Disclosure

    Restaurant patrons using HungerRush-linked ordering or POS systems received extortion emails from [email protected] and, three hours later, from [email protected], with the sender warning that restaurant and customer data could be exposed unless HungerRush responded and claiming access to records for millions of customers containing names, emails, passwords, addresses, phone numbers, dates of birth, and credit card information.

    Show sources
    Open in new tab
  2. 04.03.2026 20:44 2 articles · 2mo ago

    HungerRush email headers point to Twilio SendGrid delivery

    Detection Ioc Update

    The messages were delivered from o10.e.hungerrush.com (159.183.129.119) through Twilio SendGrid and passed SPF, DKIM, and DMARC for hungerrush.com because the domain's SPF record authorizes SendGrid to send mail on its behalf.

    Show sources
    Open in new tab