🚨 SECURITY UPDATE: Follow-up on the Yummy Rides (Venezuela) Security Breach 🚨 Following GordonFreeman's initial report on the Yummy Rides security breach on March 9, 2026, new technical intelligence investigations reveal a more complex and persistent security situation for this platform. Profound Impact: The initial leak of 29,662 images associated with drivers' full names has been confirmed on specialized forums such as DarkForums. Extended Attribution: Intelligence follow-up actively links the actor Cypher404x (also known as M3Y1999) and the actor "HcKMvsoneria33" to the exploitation and dissemination of data from the platform, operating under the BlackHex Brotherhood organization. Attack Pattern: A direct correlation has been detected between the vulnerabilities exploited in Yummy and other high-impact incidents in the region, such as the attack on the Cashea platform. This confirms that this organization maintains an active campaign targeting home delivery and fintech services in Venezuela. In addition to the recent incident affecting 30,000 drivers, we have identified previous security breaches that expose a structural vulnerability in the platform. The existence of a database published on LeakBase and dark forums dating back to 2024 has been confirmed. This database contains the following compromised critical data: ID, Name, Email, Password, API Token, Device Token, Stripe ID, Card Brand, Last 4 Digits of Card, Test End Date, Braintree ID, PayPal Email, Reminder Token, Phone Number, Notification, Location, Invoice, Creation Date, Update Date. The actor identified as directly responsible for the 2024 database breach is grepcn. If you need an incident investigation specialist, contact contact@vecert.io. We conduct cybersecurity incident investigations and have automated platforms that also perform them. #Cybersecurity #ThreatIntel #DataBreach #Yummy #InfoSec #CyberAlert
