AI merchant data platform Woflow leaked - 447,000 records exposed in ShinyHunters extortion

Woflow, an AI-driven platform that maintains menu and product data for restaurants and merchants on delivery apps, is the next named victim of ShinyHunters' extortion campaign. The group has published over 2 terabytes of files it says came from Woflow, including names, phone numbers, physical addresses, and email addresses. Have I Been Pwned loaded 447,593 unique email addresses from the dump. The exposed data appears to cover both Woflow's direct customers and the end customers of those merchants - so the breach radius is wider than Woflow's own user list, reaching the customers of every business that relies on Woflow's data.

Check

Check whether your restaurant chain, merchant operations, or delivery integrations rely on Woflow to maintain menu, product, or location data, and review customer service tickets for phishing referencing Woflow-handled records.

Affected

Direct Woflow customers (restaurant chains, merchant networks, delivery-app operators) and the end consumers of those merchants. Leaked fields confirmed by HIBP include names, email addresses, phone numbers, and physical addresses - 447,593 unique email addresses total. No passwords or payment details have been reported in the published dataset.

Fix

If you are a Woflow customer, contact your account team for the official IoC list and impacted-record scope. Notify your own customers if their data was passed through Woflow. Apply stricter inbound filtering for phishing impersonating restaurant brands, delivery platforms, or order confirmations. Rotate any API keys or shared credentials your team exchanged with Woflow integrations in the past 18 months.