Creating something incredible? Give us a mention @thermomix_au

Free shipping on all Australian orders above $149

0

  • Earn Rewards with

    • MEDIA STATEMENT

    Friday February 7th, 2025

    Data security incident: Vorwerk’s Recipe Community forum recipecommunity.com.au
    •   Vorwerk’s Recipe Community forum in Australia & New Zealand, recipecommunity.com.au, has been affected by a data security incident. Vorwerk sincerely apologises for any concern or inconvenience this may cause our Consultants and our Customers.

    •   Vorwerk took immediate action upon discovering the incident and will work closely with all relevant authorities to ensure all necessary steps are taken. Vorwerk emailed all affected users on Friday February 7th, 2025 about the incident and the steps they can take to protect their data.

    •   Vorwerk Australia & New Zealand has partnered with IDCARE, Australia’s national identity and cyber support community service, to provide expert support to our Consultants and our Customers in relation to personal information risks or instances where information may have been misused.


    What happened?
    Vorwerk’s investigation has established that a secondary server at one external service provider was illegally used by third parties to gain access to certain data fields, which included personal information, during the period January 30th and February 3rd, 2025. The unauthorised access was detected promptly, and the incident was contained. The compromised secondary server has been taken offline and retired.

    Following an immediate review in close collaboration with our service provider, internal security and data protection experts, we can confirm:

    •   The incident was isolated to the online recipe community forum in Australia, Czech Republic, France, Germany, Italy, New Zealand, Poland, Portugal and Spain.  
    •   No user passwords or sensitive financial information were affected.
    •   No internal systems were accessed.
    •   No other platforms were impacted. The Thermomix® ecosystem including Cookidoo® , TheMix Shop and any other Vorwerk services were not affected.
    •   The temporary security vulnerability on the forum recipecommunity.com.au has been resolved.

    Affected data fields include: name, address, birthday, phone number, email address and cooking & Thermomix® preferences. Passwords are not affected.

    •   Vorwerk takes privacy and data protection very seriously and remains committed to the continuous improvement of its practices, systems and security. Vorwerk’s investigation is ongoing and we continue to work with cybersecurity specialists to investigate the attack. As a result of the action taken by us, we have prevented similar incidents occurring in the future.

    •   The incident is being reported to the relevant authorities including the Office of the Australian Information Commissioner (OAIC).

    •   Anyone that thinks they might have been impacted should contact IDCARE by completing the ‘Get Help Now’ form at www.idcare.org or calling them on 1800 595 160 (AU) or 0800 121 068 (NZ) and use the referral code VRWKA25.

    Media enquiries:
    Please direct all media enquiries to Havas Red:  lisa.skupch@havasred.com

    Download Media Statement

    Frequently asked questions

    How will I know if I have been affected by the data security incident?

    On 07/02/25, Vorwerk Australia sent an email to all Recipe Community users affected by the data security incident in Australia and New Zealand.

    What does this mean for me? What should I do?

    You should carefully review the information that was affected by this incident and think about whether this could result in you experiencing any harm. Some of the steps you may consider taking to protect yourself include:
    •   Be aware of emails and telephone calls from people requesting or seeking to confirm your personal details (especially things like your date of birth, residential address, email address, username or passwords which are often used to verify your identity).
    •   Whilst the incident did not involve passwords, monitor your online and other accounts for unusual activity and unauthorised attempts to gain access using your personal information. Make sure that your passwords do not use your personal information.
    •   Whilst the incident did not involve financial information, monitor online banking accounts for unusual activity and unauthorised attempts to gain access using your personal information. You may wish to consider alerting your financial institutions so that they can implement additional monitoring and security protocols on your accounts. Enable multi-factor authentication if possible.
    •   Consider updating your email security settings and enabling Two-Factor Authentication (2FA) where possible.

    I don't know if I have been impacted and I don't know what to do. Who can help me? How do I contact IDCARE?

    Vorwerk Australia & New Zealand has partnered with IDCARE, Australia’s national identity and cyber support community service. They have expert Case Managers who can work with you in addressing concerns in relation to personal information risks and any instances where you think your information may have been misused.
    •   IDCARE’s services are at no cost to you.
    •   If you wish to speak with one of their expert Case Managers please complete an online Get Help form at www.idcare.org or call 1800 595 160 (in Australia) or 0800 121 068 (in New Zealand)
    •   IDCARE specialist Case Managers are available from 9am-5pm AEST Monday to Friday excluding public holidays.
    •   When engaging IDCARE please use the referral code VRWKA25.

    What personal data has been affected by the incident?

    Affected data fields include: name, address, birthday, phone number, email address and cooking & Thermomix® preferences. Passwords are not affected.

    Where do I go for more information?

    • Anyone that thinks they might have been impacted should contact IDCARE by completing the ‘Get Help Now’ form (for Individuals) at www.idcare.org or calling them on 1800 595 160 (AU) or 0800 121 068 (NZ). Please use the referral code VRWKA25.
    • Useful Fact Sheets about how to keep your data safe can be found on IDCARE’s website https://www.idcare.org/learning-centre/fact-sheets
    • Contact our Privacy Officer at privacyofficer@thermomix.com.au
    • Visit https://www.oaic.gov.au/privacy/privacy-complaints

    Can you tell me more about the data incident? What actually happened?

    Vorwerk’s investigation has established that a secondary server at one of our external service providers was illegally used by third parties to gain access to certain data fields, which included personal information, during the period January 30th and February 3rd, 2025. The unauthorised access was detected promptly, and the incident was contained. The compromised secondary server has been taken offline and retired.

    What systems or platforms have been affected by the data incident?

    Following an immediate review in close collaboration with our service provider, internal security and data protection experts, we can confirm:
    • The incident was isolated to the online recipe community forum in Australia, Czech Republic, France, Germany, Italy, New Zealand, Poland, Portugal and Spain.
    • No user passwords or sensitive financial information were affected.
    • No internal systems were accessed.
    • No other platforms were impacted. The Thermomix® ecosystem including Cookidoo®, TheMix Shop and any other Vorwerk services were not affected.
    • The temporary security vulnerability on the forum recipecommunity.com.au has been resolved.

    Should I be concerned about Vorwerk’s privacy and data protection practices, systems and security? What has Vorwerk done to prevent this from happening again in the future?

    Vorwerk takes privacy and data protection very seriously and remains committed to the continuous improvement of its practices, systems and security. Vorwerk’s investigation is ongoing and we continue to work with cybersecurity specialists to investigate the attack. As a result of the action taken by us, we have prevented similar incidents occurring in the future.

    When and how did Vorwerk become aware of the data security incident? Why are you only communicating with us about it now?

    Vorwerk took immediate action upon discovering the incident and we will work closely with all relevant authorities to ensure all necessary steps are taken.

    Which countries are affected?

    The data leak is isolated to the online recipe community forum in Australia, Czech Republic, France, Germany, Italy, New Zealand, Poland, Portugal and Spain.

    Do you know who is behind the data incident?

    Vorwerk continues to work with cybersecurity specialists to investigate the attack.

    How can I make a complaint about how this incident was handled?

    If you are not satisfied with how we have handled this incident or you have experienced some harm as a result, you can make a privacy complaint. You can do so by contacting us by email at privacyofficer@thermomix.com.au. It would be helpful if you could explain how you have been affected by the breach and what you would like us to do to resolve your complaint.
     
    If we cannot resolve your complaint, you can then make a complaint to the Office of the Australian Information Commissioner (OAIC). You can find out more about how to make a complaint to OAIC at https://www.oaic.gov.au/privacy/privacy-complaints/lodge-a-privacy-complaint-with-us

    I would like to delete my recipecommunity.com.au account - how do I do that?

    Please email your request to delete your account to us at privacyofficer@thermomix.com.au. Please include your full name, Recipe Community username and the email address associated with your account. We will respond to you within 30-days of receiving this request.

    Join MyMix Rewards

    Join Today

    If you don't already have an online account, complete the sign-up form below to get set up and join MyMix Rewards.

    For all existing online account holders, login here and you can join MyMix Rewards within your online account from the new MyMix Rewards tab. 

    If you're a Thermomix® Consultant or don't want to join MyMix Rewards just yet, you can create an online account for TheMix Shop here.