Foodpapa.pk, a Pakistani food delivery platform, has allegedly been compromised in a significant data breach. A database containing hundreds of thousands of user, driver, and administrator credentials was recently uploaded to a dark web forum. The breach reportedly stems from a January 2026 backup and affects a total of 239,109 accounts, including 217,000 customers, 22,000 delivery personnel, and 109 administrators.
According to the actor, the allegedly compromised data includes:
-
User IDs and Full Names
-
Phone Numbers
-
Email Addresses
-
Password Hashes (bcrypt)
-
JWT Auth Tokens and Firebase Tokens
-
National ID Numbers (CNIC)
-
License Plates and Vehicle Registrations
-
Home Addresses and Father Names
-
Refresh Tokens and API Credentials
Daily Dark WebRead More
T1
