
Cyber Incident Victim: Food Dudes Delivery

Date:

Apr 2021

Location:

United States of America

Summary

A breach involving multiple online restaurant ordering platforms compromised approximately 343,000 payment cards through Magecart attacks attributed to the "Keeper" hacking group. The incident impacted two types of platforms: three directly provided ordering infrastructure for individual restaurants, exposing transactions from at least 70 establishments, while two others operated as third-party services for hundreds of restaurants, indirectly enabling card data theft. The attack exploited centralized payment systems, highlighting vulnerabilities in card-not-present transactions during increased online food ordering.


Description

In April 2021, Gemini Advisory reported a series of breaches affecting five online food ordering platforms that compromised approximately 343,000 payment cards over the preceding six months. The incidents impacted hundreds of restaurants through two distinct operational models. Three compromised platforms—including Easy Ordering and E-Dining Express—served as direct ordering infrastructure for individual restaurants, integrating with their physical point-of-sale systems. This allowed cybercriminals to steal payment data directly from at least 70 restaurants using these services. Two other platforms—Grabull and an unnamed entity—functioned as third-party aggregators similar to Grubhub or DoorDash, enabling payment card theft across their broader restaurant networks. The attacks were attributed to the "Keeper" hacking group, which deployed Magecart-based skimming techniques to intercept card-not-present transactions.

The breaches exposed vulnerabilities in centralized ordering systems relied upon by restaurants and consumers during increased pandemic-driven online ordering. Gemini Advisory initially named specific platforms in their April 29 report but later edited the post in early May to remove two company names, citing sensitivity and ongoing investigations. DataBreaches.net correspondingly updated its coverage in September 2021 after being contacted by legal representatives of an unnamed affected firm that disputed Gemini's original characterization. Neither Gemini nor DataBreaches.net retracted their core findings regarding the breach scale or methodology. The incidents highlighted risks for restaurants dependent on third-party platforms and consumers whose payment data was exposed through no direct action of their own, with compromised cards appearing for sale in underground markets.
