ShellCodeX Breach Report
Home Chef Data Breach
homechef.com
Verified breach
Passwords exposed
Accounts exposed
8,815,692
Breach date
10 Feb 2020
Added to tracker
13 Nov 2020
Data classes
7
What happened
In early 2020, the food delivery service Home Chef suffered a data breach which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including names, IP addresses, post codes, the last 4 digits of credit card numbers and passwords stored as bcrypt hashes. The data was provided to HIBP by dehashed.com.
Exposed data
Email addresses
Geographic locations
IP addresses
Names
Partial credit card data
Passwords
Phone numbers
Recommended actions
- Change your Home Chef password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Home Chef — attackers weaponise breach data quickly.
- Monitor your bank and card statements closely and consider requesting a card replacement.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP