Skip to content
Credential stuffingContained

41,000 customers affected by a claimed leak at Innovorder

On 21 February 2026, Innovorder — a French SaaS provider of POS and management software for the foodservice industry — confirmed a data breach after a dataset of around 41,000 records, accessed via credentials compromised in an unrelated breach, was offered on a hacking forum.

Victim
Innovorder
records
41.0K

On 21 February 2026, Innovorder — a Paris-based software publisher whose all-in-one SaaS platform powers point-of-sale, kiosks, online ordering and back-office management for restaurants and contract caterers — confirmed a data breach after a dataset of roughly 41,000 records was advertised on a hacking forum.

According to Innovorder's own confirmation, the intrusion did not stem from a flaw in its platform but from credentials that had been compromised in a separate, earlier data breach. The reused login allowed the attacker to reach a portal and exfiltrate a database of around 41,000 rows — a textbook example of how one breach cascades into the next.

The leaked records relate to Innovorder's restaurant and foodservice customers. Exposed data categories reported around the claim include:

  • Customer/account identifiers
  • Contact details associated with the affected portal
  • Records tied to the restaurant-management database (~41,000 rows)

Innovorder publicly acknowledged the incident and attributed it to the compromised third-party credentials. The scale of around 41,000 records reflects the attacker's claim; the company's confirmation indicates the access vector was identified and addressed.

Sources

  1. fuitesinfos.frhttps://fuitesinfos.fr/article/2026-02-21-innovorder
  2. x.comhttps://x.com/Ced_haurus/status/2026389791848137139

Related incidents

Credential stuffingOngoing

FortiBleed: leaked dataset exposes VPN credentials for ~74,000 Fortinet firewalls

A dataset dubbed FortiBleed exposed valid Fortinet FortiGate VPN credentials — including plaintext passwords — for 73,932 firewall URLs across 194 countries, the product of a Russian-speaking crew that reused passwords from earlier breaches and infostealer logs rather than any new Fortinet vulnerability.

Victim
Organizations running Fortinet FortiGate firewalls worldwide