Home Chef hacked, eight million users have data breached
Names, email addresses, phone numbers and encrypted passwords of Home Chef users were sold online
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
The US-based meal kit and food delivery service Home Chef has announced that it suffered adata breachafter a hacker sold 8m of its user records on the dark web.
As reported byBleepingComputer, a hacking group called Shiny Hunters was recently selling the user records of eleven companies on a dark web marketplace from $500 to $5,000 depending on the number of records each database contained.
Home Chef was one of the eleven companies and the hackers claimed to have 8m of its user records available for sale for just $2,500. They also provided a sample of the type of information available in the database for potential buyers.
This information included users' email addresses, encrypted passwords, the last for digits of their credit cards, gender, age, subscription information and more.
Home Chef data breach
Home Chef has now officially acknowledged that it suffered a data breach in adata security incident noticeposted on its web site, which reads:
“Protection of customer data is a top priority for Home Chef, and we work hard to safeguard our customers’ information. We recently learned of a data security incident impacting select customer information, including names and emails, as well as limited customer account information and encrypted passwords. We are taking action to investigate this situation and to strengthen our information security defenses to prevent similar incidents from happening in the future.”
According to Home Chef, affected customers' had their email addresses, names, phone numbers, encrypted passwords and the last four digits of their credit card numbers exposed. Other account information such as frequency of deliveries and mailing addresses may have also been compromised.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Although the passwords leaked in the data breach were encrypted, hackers could still be able to decrypt them which is why all Home Chef customers should change their passwords immediately.
ViaBleepingComputer
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
After Arcane season 1 ended on a stunning cliff hanger, its creators say it was ‘always the plan’ for those characters to die in the season 2 premiere
