Skip to content
Supply chainContained

Leak at Espace-Recettes.fr Vorwerk

In early February 2025, Vorwerk's Thermomix recipe community Espace-Recettes.fr (Rezeptwelt) was breached via a compromised third-party server, exposing names, postal addresses, emails, phone numbers, dates of birth and cooking preferences of roughly 3.3 million users across several countries.

Victim
Espace-Recettes.fr Vorwerk

On 6 February 2025, Espace-Recettes.fr β€” the French Thermomix recipe community operated by German appliance maker Vorwerk (the international "Rezeptwelt" platform) β€” disclosed a data breach affecting its members. Between 30 January and 3 February 2025, attackers gained unauthorized access to a subordinate server run by an external service provider, then extracted member profile data that was subsequently offered for sale on darknet forums.

The compromise stemmed from the third-party provider's server rather than Vorwerk's core systems. The company stressed that its Thermomix ecosystem, the Cookidoo platform, the Vorwerk web shops and other services were not affected, and that no passwords or payment data were exposed.

Exposed data categories included:

  • Full name
  • Postal address
  • Email address
  • Phone number
  • Date of birth
  • Thermomix cooking preferences

Roughly 3.3 million users across multiple countries β€” including France, Germany, Spain, Italy, Poland, Portugal and Australia β€” were affected. Vorwerk took the compromised server offline, notified affected users and data protection authorities, and warned members to be alert for phishing and unsolicited messages, since the exposed contact details create a real risk of targeted scams.

Sources

  1. bitdefender.comhttps://www.bitdefender.com/en-us/blog/hotforsecurity/data-breach-at-thermomix-recipe-forum-exposes-profile-information-of-3-3-million-users
  2. heise.dehttps://www.heise.de/en/news/Data-leak-at-Thermomix-data-from-1-million-German-users-on-the-darknet-10273939.html
  3. cyberinsider.comhttps://cyberinsider.com/data-breach-at-thermomix-forum-exposed-info-of-3-1-million-users/

Related incidents

Supply chainContained

Leak at Discord

On 4 October 2025 Discord disclosed a breach of a third-party customer-support provider that exposed support-ticket data and roughly 70,000 government-ID photos (submitted for age-verification appeals), plus names, emails, IP addresses and partial billing details.

Victim
Discord
Records
70.0K