Safety Detectives
$ United States dollar
$ United States dollar Euro£ British poundAED UAE dirhamARS Argentine pesoAU$ Australian dollarBGN Bulgarian levR$ Brazilian realCA$ Canadian dollarCHF Swiss francCLP Chilean pesoCN¥ Chinese yuanCOP Colombian pesoCZK Czech korunaDKK Danish kroneEGP Egyptian poundHK$ Hong Kong dollarHUF Hungarian forintIDR Indonesian rupiah Israeli new shekelINR Indian rupee¥ Japanese yen South Korean wonMX$ Mexican pesoMYR Malaysian ringgitNOK Norwegian kroneNZ$ New Zealand dollarPLN Polish złotyRON Romanian leuRUB Russian rubleSAR Saudi riyalSEK Swedish kronaSGD Singapore dollar฿ Thai bahtTRY Turkish liraNT$ New Taiwan dollarUAH Ukrainian hryvnia Vietnamese DongZAR South African rand

1.2 Million Affected By Data Breach Of PurFoods LLC

Tyler Cross
Tyler Cross
Tyler Cross Tyler Cross

PurFoods, the company behind Mom’s Meals, suffered a data breach that may have affected more than 1.2 million people.

The company participated in a 5-month-long investigation that found that unauthorized tools were used for malicious data transfers and that a month-long cyberattack campaign struck their company earlier in January.

The potentially exfiltrated information affects customers who purchased one or more meal deliveries, current and former employees, and even independent contractors.

“We can’t rule out the possibility that data was taken from one of our file servers,” said the PurFoods data breach notice.

The notice also explains how sensitive the stolen data may be. The information in the affected files includes:

  • Date of birth.
  • Driver’s license/state identification number.
  • Financial account information.
  • Payment card information.
  • Medical record number.
  • Medicare and/or Medicaid identification and other health information/treatment. information including diagnosis code and patient ID number.
  • Meal category and/or cost.
  • Social Security Numbers were stolen in less than 1% of circumstances.

This information can be used by hackers in a number of ways, many hackers sell information on the dark web to the highest bidder, while others use stolen data to perform their own social engineering scams (oftentimes, it’s both.)

The company first noticed the attack in February, which prompted them to respond and begin their investigation by contacting the police and filing a data breach notice with the Office of the Main Attorney General.

“We then worked with our partners to identify accurate address information to provide notice to potentially affected individuals, and only recently completed these efforts,” PurFoods said.

They’re also offering free credit monitoring and identity restoration services for victims, as well as a guide on how to protect themselves against identity theft.

“We have taken a number of steps to further strengthen our network security,” PurFood said. “We also are reviewing our existing policies and procedures to identify additional measures and safeguards.”

About the Author
Tyler Cross
Tyler Cross
Writer

About the Author

Tyler is a writer at SafetyDetectives with a passion for researching all things tech and cybersecurity. Prior to joining the SafetyDetectives team, he worked with cybersecurity products hands-on for more than five years, including password managers, antiviruses, and VPNs and learned everything about their use cases and function. When he isn't working as a "SafetyDetective", he enjoys studying history, researching investment opportunities, writing novels, and playing Dungeons and Dragons with friends."