UrsaClimb Logo

Hacker mass-mails HungerRush extortion emails to restaurant patrons

Bleeping Computer
by Lawrence Abrams
March 4, 2026
AI-Generated Deep Dive Summary
Hackers have sent extortion emails to customers of restaurants using the HungerRush point-of-sale (POS) platform, threatening to expose sensitive data unless the company complies. The emails, which appeared to come from legitimate sources like support@hungerrush.com and 2019@hungerrush.com, claimed that millions of customer records, including names, addresses, phone numbers, and credit card details, were at risk. The attackers used Twilio SendGrid infrastructure, which is commonly used by HungerRush for sending transactional emails like receipts. HungerRush, a restaurant technology provider serving over 16,000 establishments, has not confirmed the breach but is urging customers to remain vigilant for potential phishing attempts. Security researchers have linked the attack to malware that compromised credentials of a HungerRush employee in October 2025. The stolen credentials included access to critical systems like NetSuite, QuickBooks, Stripe, and Salesforce, raising concerns about broader system exposure. The incident highlights vulnerabilities in third-party services and the potential for attackers to exploit compromised employee accounts. While it remains unclear if the extortion emails directly stem from this breach, they serve as a stark reminder of the risks associated with POS systems and payment processing platforms. Customers are advised to monitor their financial activity and report any suspicious transactions. This story underscores the growing sophistication of cyberattacks targeting businesses and their customers. The use of legitimate-looking email headers and infrastructure makes it difficult for recipients to identify malicious intent, increasing the likelihood of successful phishing campaigns. For security-conscious readers, this emphasizes the importance of robust authentication protocols, employee training, and regular system audits to mitigate such risks.
Verticals
securitytech
Originally published on Bleeping Computer on 3/4/2026