HomeChef

In early 2020 the meal delivery service Home Chef experienced a significant data breach when an unauthorized actor gained access to its customer database. The incident resulted in the compromise of information belonging to approximately 8 million users. The stolen data was subsequently offered for sale on dark web marketplaces. The breach included sensitive customer details such as email addresses, encrypted passwords in bcrypt format, the last four digits of credit cards, and geographic information. Home Chef confirmed the security incident and notified affected users, attributing the compromise to a vulnerability that allowed the extraction of user records.