Cyber Incident Victim: Home Chef
Date: Nov 2020
Location: United States of America
Summary
A threat actor known as ShinyHunters leaked multiple databases, including one belonging to Home Chef, following forum disputes over exclusive data sales. After a buyer alleged ShinyHunters and a broker reneged on an exclusive agreement, the complainant was banned from the forum and retaliated by releasing databases freely on a Russian-language platform. The Home Chef data and others were briefly accessible before being deleted, with the retaliating user's account deactivated shortly thereafter. The incident exposed customer information, though it remains unclear whether all affected entities were initially aware of the breach.
Description
On or around November 12, 2020, threat actor ShinyHunters was implicated in a series of data breaches involving multiple organizations, including meal delivery service Home Chef. The incident emerged amid public disputes on cybercrime forums regarding the sale and distribution of stolen databases. ShinyHunters and a data broker using the alias "ExpertData" were accused by a forum member of breaching an exclusivity agreement after the member paid tens of thousands of dollars for restricted access to certain datasets. This dispute escalated when the aggrieved buyer was banned from the original forum instead of the alleged scammers, prompting retaliatory action. The banned individual subsequently migrated to a Russian-language cybercrime forum and began distributing multiple databases without charge, including Home Chef’s data alongside those of Eatigo, Peatix, Redmart, Pluto.tv, Storybird, and others. The leaked Home Chef database was among several datasets briefly made available before being deleted, though the precise duration of exposure and number of affected individuals remain unspecified in available reports.

The incident’s impact stemmed from the unauthorized distribution of Home Chef’s database, though neither the specific data types compromised nor the company’s internal detection timeline were disclosed. Media outlets speculated that some affected entities, including Home Chef, might have been unaware of the breach until journalists contacted them for comment following the forum leaks. The retaliatory dump on the Russian forum was short-lived, as the offending user’s account was deactivated within 24 hours of the data release. No confirmed details regarding Home Chef’s response, containment measures, or forensic findings were documented in the source material. The broader event highlighted tensions within cybercriminal ecosystems, where disputes over profit-sharing and exclusivity agreements inadvertently accelerated public exposure of stolen data.
