Thursday, November 30, 2023

Home Chef Hacked – Hackers Selling 8M User Records on a Dark Web Marketplace

Home Chef, a US-based meal kit delivery service suffers a data breach, hackers stolen more than 8 million customer records.

How are when the hack attack took place is unknown, the company is investigating the situation now.

Home Chef Hacked – What Data Impacted?

The hack impacts the following customer information

  • Email address, name, and phone number
  • Encrypted passwords
  • The last four digits of credit card numbers
  • Other account information such as frequency of deliveries and mailing address may also have been compromised

Home Chef is to notice the impacted customers, also the company confirms all the customers are not impacted.

If your account impacted in the breach then you will be getting notified, else the company will not alert you.

The protection of customer data is a top priority for Home Chef, and we work hard to safeguard our customers’ information.

Also, the company confirms that they do not store complete credit or debit card information.

We are taking action to investigate this situation and to strengthen our information security defenses to prevent similar incidents from happening in the future, reads FAQ published by the company.

Home Chef recommended you to reset the passwords by visiting their website, if you reuse the password then it is recommended to change with all the portals.

Learned that databases sold by Shiny Hunters contain 8 million user records for Home Chef.

Shiny Hunters started selling hacked databases that contain over 73.2 Million user records of 11 different companies over the dark web.

It all starts with the Tokopedia dump shared last week contains more than 90 million user records, followed by Unacademy dump and the hack of the Microsoft’s GitHub account.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

CISA Warns Hackers Exploiting Wastewater Systems Logic Controllers

In a disconcerting turn of events, cyber threat actors have set their sights on...

Zyxel Command Injection Flaws Let Attackers Run OS Commands

Three Command injection vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products,...

North Korean Hackers Attacking macOS Using Weaponized Documents

Hackers often use weaponized documents to exploit vulnerabilities in software, which enables the execution...

Most Popular Websites Still Allow Users To Have Weak Passwords

The latest analysis shows that tens of millions of people are creating weak passwords...

Chrome Zero-Day Vulnerability That Exploited In The Wild

Google has fixed the sixth Chrome zero-day bug that was exploited in the wild this...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles