Meal delivery service Home Chef has confirmed that it recently suffered a security breach that exposed its customer information.
Meal delivery service Home Chef has disclosed a data breach that exposed its customer information. Home Chef also explained that only a portion of its customers were impacted in the security incident.
Earlier of May, Shiny Hunters hacking group started offering for sale the databases containing tens of millions from user records from over 11 companies.
Below the complete list published by BleepingComputer:
|Home Chef||8 million||$2,500|
|The Chronicle Of Higher Education||3 million||$1,500|
At the time, the Shiny Hunters were offering more than 8 million records for $2500.
Now the company confirmed the data breach, saying that the incident has impacted select customer information.
Exposed data includes email addresses, names, phone numbers, hashed passwords, and the last four digits of credit card numbers.
“Was My Credit Card Information Compromised? Home Chef does not store complete credit or debit card information” reads the FAQ published by the company.
“Information such as frequency of deliveries and mailing address may also have been compromised,”.
Home Chef also underlined the fact that it does not store complete credit or debit card information. The company is investigating the incident and announced that it is taking action to strengthen its security defenses and prevent similar incidents in the future.
Although the company stores passwords in encrypted format, it recommends users to change the password in an abundance of caution following these process:
- Visit www.homechef.com
- Click on “Log in”
- Click on “Account Information”, which is located under the “Account” dropdown menu
- Complete the “Change Your Password” section and click “Save your settings.” There’s no need to adjust the other sections on the Account page (e.g. “Subscription”)
Home Chef users should remain vigilant against phishing attacks and suspicious activity in their accounts.
The company is notifying the incident to the impacted users.