Incident Overview

A threat actor going by GordonFreeman claims to have compromised the Yummy Rides platform in Venezuela and leaked a database containing approximately 30,000 driver photos along with their full names. Yummy Rides is a Venezuelan ride-hailing and delivery service. The data has been made available as a completely free download with a direct link.

The leaked data consists of driver profile images that are named with the drivers' full names, effectively tying each photograph to a real identity. Screenshots posted as proof show hundreds of thumbnail-sized ID-style photos of drivers, clearly demonstrating the scale of the exposure. This type of leak is particularly concerning as it provides both visual identification and real names of gig workers, potentially exposing them to targeted harassment, impersonation, or social engineering.

The threat actor explicitly states they compromised the platform directly to obtain this data.