CyberInsider

Reliable cybersecurity news and resources

General

Latest News

About

CyberInsider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

Data Breach at Thermomix Forum Exposed Info of 3.1 Million Users

By Leave a Comment
Data Breach at Thermomix Forum Exposed Info of 3.1 Million Users

Vorwerk, the German company behind the popular Thermomix kitchen appliance, has confirmed a data breach affecting its online forum Rezeptwelt.de and several localized versions across multiple countries.

The breach, which occurred between January 30 and February 3, 2025, exposed the personal details of over 3.1 million users, including names, email addresses, phone numbers, physical addresses, and dates of birth.

The breach was discovered when an unauthorized party gained access to a downstream server operated by an external service provider working with Vorwerk. According to Vorwerk's official statement, the security incident was limited to the Rezeptwelt.de forum and its localized versions in Czechia, Spain, France, Italy, Poland, Portugal, and Australia. The company emphasized that no passwords, financial data, or critical internal systems were compromised.

The breach was also added to Have I Been Pwned (HIBP), a data breach notification service. The stolen data set was shared with HIBP by a source using the alias “ayame@xmpp.jp”, and it was added to the database on February 6, 2025. Notably, 62% of the exposed accounts had already appeared in previous breaches, indicating that many affected users had been compromised before.

Impact on Thermomix users

Rezeptwelt.de is Vorwerk's official online community for Thermomix users, where members exchange recipes and cooking tips. With over 3.1 million registered accounts, it is one of the largest forums dedicated to Thermomix enthusiasts worldwide. The platform allows users to create profiles where they can share cooking preferences and personal details—some of which were included in the stolen data set.

The compromised information includes:

  • Full names
  • Email addresses
  • Phone numbers
  • Physical addresses
  • Dates of birth
  • Bios related to cooking preferences

Vorwerk says it has already notified all affected users and is working with cybersecurity and privacy experts to assess the full impact of the breach. The company has assured customers that its core platforms—including Cookidoo®, the Vorwerk webshop, and the Thermomix® ecosystem—were not affected.

Although Vorwerk has found no evidence of widespread misuse, the exposure of personal details raises concerns about phishing attacks, spam, and social engineering scams. Given that many affected users have already been part of previous breaches, attackers could combine leaked information from multiple sources to craft convincing scams.

Vorwerk recommends the following security measures for affected users:

  • Be cautious of phishing emails and avoid clicking links or opening attachments from unknown senders.
  • Verify communications from Vorwerk. Official emails will never ask for sensitive information such as passwords or payment details.
  • If users have reused their Rezeptwelt credentials on other platforms, they should change their passwords immediately.

About Amar Ćemanović

Amar Ćemanović is an experienced editor and trained engineer with a keen eye for detail and a passion for technology. 
Based in Bosnia, Amar specializes in producing high-quality, engaging content. He holds a Master’s degree in engineering, which helps him maintain a meticulous approach to all editorial work. Amar brings a well-rounded knowledge base, covering everything from tech solutions to privacy tools.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *