Weee!

Weee! is a grocery delivery service headquartered in the United States, operating primarily as an online platform that fulfills orders for a wide range of Asian and Hispanic food products and household goods. The company serves customers seeking culturally specific ingredients and prepared foods, functioning as a digital marketplace that connects consumers with specialty grocery items often found in ethnic markets. Its core business model revolves around the convenient, door-step delivery of these products, catering to communities with a preference for Asian and Hispanic cuisines and staples. The service is designed for accessibility, allowing users to browse and purchase from a catalog that includes fresh produce, meats, seafood, snacks, beverages, and other specialty items. By focusing on these distinct market segments, Weee! positions itself within the niche of ethnic grocery e-commerce, differentiating itself from mainstream supermarket delivery services through its curated inventory. The platform's operational scope is national within the United States, leveraging a logistics network to manage inventory and last-mile delivery to a dispersed customer base. Its business is entirely centered on direct-to-consumer delivery, without indicating any physical retail storefronts or restaurant supply operations.

The organization's scale and operational practices were highlighted during a significant security incident in early 2023. A data breach attributed to the threat actor IntelBroker resulted in the unauthorized access and subsequent leak of customer information on a hacking forum. While initial external claims suggested a compromise of 11 million records, the company's own analysis determined that approximately 1.1 million unique customer email addresses were affected, with the higher figure resulting from duplicate entries associated with repeat customers. The exposed data included personal details such as names, physical addresses, email addresses, phone numbers, order numbers, and order comments for transactions occurring within a defined period. Critically, payment card information was not compromised, as the company's systems do not retain such financial data following transaction processing. Following the discovery, Weee! confirmed the breach to its customers, initiated a security review to strengthen its safeguards, and prioritized maintaining customer trust through direct notification of impacted individuals. This incident underscores the company's handling of a large volume of personal customer data and its established practice of not storing sensitive payment credentials, a notable operational security attribute within the e-commerce sector. The event also illustrates the significant data footprint associated with its nationwide delivery service, evidenced by the million-plus customer records involved.