Meal kit delivery service Home Chef on Wednesday confirmed that a data security incident exposed some customer information, including names, email addresses, phone numbers and the last four digits of credit card numbers. The company said encrypted passwords as well as account details like frequency of deliveries and mailing addresses may have also been compromised.
“We are taking quick, aggressive actions to investigate this situation and prevent similar events from happening in the future,” said Home Chef spokeswoman Maris Callahan, adding that the incident had been reported to law enforcement.
In an FAQ page about the security incident, Home Chef said it’s emailing affected customers and is encouraging people to change passwords in an “abundance of caution.”
Home Chef didn’t say how many customers were impacted by the security incident. Last week, security site Bleeping Computer reported that hackers claimed to be selling a database of 8 million users records from the meal kit company.