Data theft from Thermomix users: I know what you cooked last summer
The data has been served up - and it's hotter than any soup from the Thermomix. Because unknown persons have stolen millions of user data from Rezeptwelt.de: Email addresses, places of residence, dates of birth. A feast for cyber criminals.
The Thermomix can do a lot: mix, cook, steam - and now apparently also circulate personal data. At least involuntarily. At the request of Der Spiegel, the manufacturer Vorwerk confirmed that unknown persons have managed to gain access to the user data of the official recipe forum Rezeptwelt.de.
No fewer than 3.3 million accounts are affected - including sensitive information such as email addresses, places of residence and dates of birth.
The security breach at the external service provider meant that the sensitive data was freely accessible for several days. Screenshots of the data leak are already circulating in relevant darknet forums. Nevertheless, passwords or financial data such as account details are not said to have been affected. Vorwerk's other platforms, such as the webshop or the recipe service Cookidoo pre-installed on the Thermomix, were also spared.
This is what Vorwerk says
In an initial statement, the company is endeavouring to limit the damage: "We sincerely apologise for the inconvenience caused." Vorwerk emphasises that it is working closely with the relevant authorities to clarify the incident.
All affected users will be informed.
What does this mean for those affected?
Even if criminals cannot access bank accounts directly, such leaks are anything but harmless. Phishing attacks can look deceptively real if they are larded with personal data. Vorwerk therefore advises users to check suspicious emails carefully and not to open any attachments or links from unknown senders.
Affected persons should also change their passwords on other platforms, especially if the same email address is used there. Activating two-factor authentication can provide additional protection. It is also advisable to regularly check your own online accounts in order to recognise suspicious login attempts at an early stage.
Not only users in Germany and Switzerland are affected, but also users from the Czech Republic, Spain, France, Italy, Poland, Portugal and Australia. This shows once again that even cooking is not safe from cyber criminals. If you want to be on the safe side, you should not only stir the risotto, but also regularly check your own data protection settings.
Header image: Luca Fontana
110 people like this article
Luca Fontana
Senior Editor
Luca.Fontana@digitecgalaxus.chI'm an outdoorsy guy and enjoy sports that push me to the limit – now that’s what I call comfort zone! But I'm also about curling up in an armchair with books about ugly intrigue and sinister kingkillers. Being an avid cinema-goer, I’ve been known to rave about film scores for hours on end. I’ve always wanted to say: «I am Groot.»
