- More than 3,1 million Thermomix users have been affected by a data breach on Rezeptwelt.de.
- Hackers have obtained names, addresses, email addresses and phone numbers, but not bank details.
- Data can be used in phishing attacks, fraudulent calls and online scams.
- It is recommended to change passwords, enable 2FA and be alert to suspicious emails.
The recent Cyberattack against Thermomix users has caused great concern among those affected. More than three million people have had their personal information compromised due to a vulnerability in the official recipe forum, Rezeptwelt.de.
Although Vorwerk, the Thermomix manufacturer, has clarified that no bank details or passwords have been compromised, the theft of information such as names, addresses and emails is a Serious risk of scams and phishingIn this article, we tell you in detail what happened, what impact it has and how you can protect yourself.
The cyber attack on Thermomix and the data leak
Between January 30 and February 3, 2025, cybercriminals accessed the database of the Rezeptwelt.de forum, a platform where Thermomix users shared recipes and tips.
In this attack, the data of more than 3,1 million users in several countries, including Spain, France, Italy, Portugal, Poland, Czech Republic, Germany and Australia. The leaked information includes:
- Names and surnames
- Physical addresses
- Emails
- Telephone numbers
- Dates of birth
- Culinary preferences
According to Vorwerk, the vulnerability has been fixed and has not affected other platforms such as Cookidoo, the online store of Thermomix or connected kitchen devicesHowever, the danger remains, as the data can be used for fraud attempts.
Why is this leak worrying?
The fact that this personal data is leaked has several repercussions. The main one is that cybercriminals can use it to Identity theft, phone scams and phishing attacksIn fact, a significant portion of the compromised accounts had already appeared in previous breaches, increasing the risk.
Hackers can use this information to:
- Sending fraudulent emails to steal more information or money.
- Call the affected parties to try to obtain more personal or banking information.
- Selling data on the Dark web to be used in future scams.
- Create misleading advertising campaigns.
Tips to protect yourself after the leak
If you have registered with Rezeptwelt.de, it is important that you take steps to avoid potential fraud. Follow these tips to minimize the risk:
1. Change your passwords
Although Vorwerk claimed that the passwords were not stolen, it is advisable to change your account password on Rezeptwelt.de and any other service where you use the same key.
2. Activate two-step authentication
Enable the Two-factor authentication (2FA) on your email accounts and other services reduces the chances of hackers gaining access to them.
3. Be cautious with suspicious emails
Be wary of unsolicited emails, especially those that ask you to click on links or enter personal information. If you suspect an email is fraudulent, do not open it and delete it immediately.
4. Block spam calls and messages
If you start receiving unknown calls, avoid answering them and Block suspicious numbersYou can also inform your telephone provider.
5. Use a password manager
To improve the security of your accounts, use a password manager that creates strong combinations and stores them encrypted.
6. Check if your email has been compromised
You can check on sites like Have I Been Pwned if your email address has appeared in previous data breaches.
What is Vorwerk doing to solve the problem?
The company has taken steps to mitigate the effects of filtrationThey have indicated that they have disabled access to the vulnerable servers and have contacted the affected users.
In addition, the company has informed the authorities in Germany and other countries about the incident and has assured that are improving their security protocols to prevent future attacks.
It is crucial that those affected take precautions, change their passwords and be alert to possible fraud attempts.