Home Chef confirms data breach after customer info reportedly sold on dark web

Hackers were reportedly offering up 8 million users records.

Carrie Mihalcik Former Managing Editor / News
Carrie was a managing editor at CNET focused on breaking and trending news. She'd been reporting and editing for more than a decade, including at the National Journal and Current TV.
Expertise Breaking News, Technology Credentials
  • Carrie has lived on both coasts and can definitively say that Chesapeake Bay blue crabs are the best.
Carrie Mihalcik

The meal kit delivery service confirmed that a data breach exposed some customer information.

Home Chef

Meal kit delivery service Home Chef on Wednesday confirmed that a data security incident exposed some customer information, including names, email addresses, phone numbers and the last four digits of credit card numbers. The company said encrypted passwords as well as account details like frequency of deliveries and mailing addresses may have also been compromised. 

"We are taking quick, aggressive actions to investigate this situation and prevent similar events from happening in the future," said Home Chef spokeswoman Maris Callahan, adding that the incident had been reported to law enforcement.  

In an FAQ page about the security incident, Home Chef said it's emailing affected customers and is encouraging people to change passwords in an "abundance of caution."

Home Chef didn't say how many customers were impacted by the security incident. Last week, security site Bleeping Computer reported that hackers claimed to be selling a database of 8 million users records from the meal kit company.