The notorious cybercrime group ShinyHunters has claimed responsibility for a breach involving Woflow, a technology company that provides merchant data management services to major platforms such as Uber, DoorDash, and Walmart. According to the attackers, the incident resulted in the theft of hundreds of millions of records containing corporate and customer information.
ShinyHunters posted the claim on its dark web leak site, where extortion groups typically publish information about alleged victims. In the post, the group said it had obtained “several hundreds of millions of records” that include personal information, transaction or order data, and internal company documents. The hackers warned that the data could be publicly released if the company does not respond to their demands.
Woflow provides services that help businesses collect and structure merchant data used in delivery and e-commerce systems. Its platform processes and organizes large datasets related to restaurants, retail merchants, and other businesses so that companies can integrate this information into digital ordering and logistics systems. Clients listed by the company include major global brands such as Uber, DoorDash, and Walmart.
According to the attackers, the breach involved access to large quantities of sensitive information linked to the company and its clients. The group claimed that the stolen dataset includes personal identifiable information as well as corporate and operational data. At the time of the report, the threat actors had not published a sample of the alleged dataset that would allow independent verification of the claims.
Cybercrime groups frequently announce breaches on dark web leak sites before releasing any stolen information. The tactic is commonly used as a form of pressure to push companies into negotiating ransom payments. In many cases, data is gradually released if the victim refuses to engage with the attackers.
Security researchers note that such announcements should be treated cautiously until the claims are confirmed or supported by evidence. Without data samples or confirmation from the affected company, it can be difficult to verify whether attackers successfully accessed the systems they claim to have compromised.
ShinyHunters is a cybercriminal group known for large-scale data theft and extortion campaigns targeting technology companies and online platforms. The group has previously been linked to incidents involving major corporations and services, where stolen datasets were later posted online after ransom demands were rejected.
At the time of reporting, Woflow had not publicly confirmed the breach claim. The company was contacted for comment regarding the alleged compromise and the scope of any potential data exposure.
If verified, the incident would represent another case in which threat actors attempt to use stolen data to pressure companies through public exposure and reputational risk. Investigations into the claim and the possible impact on Woflow’s partners and clients are ongoing.