Hackers breach chocolate recipe on Hershey website
Hackers breached the security of a website operated by US confectionery giant Hershey Company and may have made off with customers' names, birthdates, street and email addresses, and site passwords. In an email sent to customers last week, Hershey said an unauthorized individual accessed the site and changed a baking recipe for …
This topic is closed for new posts.
1st rule of Internet club: lie
This reg reader suggests everyone uses 1/1/1970 as their birthdate on every site with no need to know and lie about everything that doesn't compromise your use of sites. As a habit.
I also love responding to phishing. With completely false details. What we really need is a set of trigger CC accounts that automagically trigger fraud detection, might catch a few more scumbags.
RE: 1st rule of Internet club: lie
As of last week, all my new site signups have been for Jake Davis, address of 1 Sheepshagger House, Yell, Shetlands, age 18, and for sex I put "not yet".
"changed a baking recipe for one of its products"
Gordon Bennet (or Ramsay) hope they modified " Hershey's Kisses"
They're bloody awful. Taste like they're made of lard.
Not floor wax
The distinct tang of Hershey is definitely stale ear wax.
A lardy cloying texture is distinctly a Cadbury's Dairy Milk thing. But the OP is quite right about Hershey chocolate having a nasty chalky texture.
I always thought...
...that their secret ingredient was baby sick. That's what they taste like to me.
It's gone off milk
Definitely a pint of full fat that's been out in the sun for a day.
In-laws went on hols to the states, brought me back a pack of Hershey's bars.
Managed to eat one while at a low ebb and no other chocolate in house.
@david 63
Exactly. Hershey's <<< Cadbury's <<< Chocolate.
Disgusting.
Lard is a delicacy in some places
Taste more like brown candle wax to me.
Wow I thought I was the only one
Why exactly do Hershey's Kisses taste like vomit?
They left a definite after-taste of heart burn that last time I tried one.
I thought they had been tampered with.
How anyone on God's green earth could call that chocolate is quite beyond me.
Script
If this is Hershey chocolate then the correct script is:
s/sawdust/chocolate/g
Would I lie to you ?
"The Reg strongly recommends users withhold as many personal details as possible"
Or just plain lie !
I've lost count how many times I've been Tony Blair...
Hi Tony!
It's me Elvis!
99% of the time I use Feb 29 of a non-leap year for the birthday.
Awesome.
*rushes off to check date validation algorithms on his sites*
29th Feb
I've done that too, but I got caught out when the input validation forms were later updated to correct this, but the database still had the invalid date in it...
Over in Norway...
... for my Norwegian ID number I was given by the authorities the date "32nd Feb 2000" in the late 80s as my date of birth.
I loved that ID card becase every time it went into a machine for chacking it would fail.
getting bored now ..
.... hows about these "hackers" et al snitch the data sets etc etc to highlight a vulnerability in said websites, then promise not to divulge it unless and until said websites vulnerabilities have been fixed PRONTO. They could even offer to assist in that regard. Then some verifiable and trusted testing body could run attack vectors, whatever, to determine that the fix was good and the data could go back whence it came, all tidy like. Of course, the body responsible for hosting /constructing the web presence where said data was held would have to foot the bill for all this, as a lesson to all other peeps that wish to retain our / your data in such a manner.
Would that just not be exciting enough ?, although possibly more efficient and conducive to the common good.
* (the above does not, nor is it intended to, cover examples of data sets held illegally / dishonestly for nefarious purposes by guberment authorities with things to hide from those that democratically elect them etc etc.)
Like that will work...
"then promise not to divulge it unless and until said websites vulnerabilities have been fixed.."
That would be never then.
A better solution would be a timed escrow - i.e. you have 3 weeks to fix your site before this goes public.
That way they have warning and a reasonable timeframe to fix or at the very least quarantine the problem.
But what did they change...
....did they substitute an ingredient for marijuana or something? Or insert 1/2 tsp. arsenic?
hrm...
I'm not even sure 1/2 tsp of arsenic in an industrial batch would even be enough to make one mildly ill. It may not even be enough to get it pulled for health reasons (although it would certainly get pulled for PR reasons)
But why?
Misleading headline... but even so, had it been true, I'd wonder why anyone would want the recipe - they make awful chocolate!
Anyway - what good will a mailing list of people with no tastebuds do?
If they're foolish enough to give contact information ...
... for no discernible good reason, that makes them attractive targets, yes?
This is a title
"Anyway - what good will a mailing list of people with no tastebuds do?"
Starbuck's coupons?
The change in the recipe
s/vegetable oil/cocoa butter/g
Hershey officials were heard to say "We knew it was hacked right off. I mean, making chocolate with cocoa butter? Who'd be that stupid!"
(sad to say, but Hershey *used* to be a cool company - they donated tens of millions of dollars to orphanages back when a dollar was still 1/35 oz. of gold. But the beancounters took over, and started cheapening the product. And that is why I don't buy Hershey products anymore.)
Oh please...
Please let them change the production recipe.... Anything has to be better than the muck they pass off as chocolate these days.
Is Hershey's really that bad?
I've never knowingly eaten a Hershey's bar, I do love chocolate, especially dark chocolate (ocassionally 75% cocoa) and Thorntons, I find Cadbury's milk chocolate a little too milky at times though and always try to avoid any food that says "chocolate flavour" in the description.
Damn this news story and all your choclatey replies, I've now got a craving for some Lindt mint chocolate which is made with 47% cocoa.
@Haku
Yes, yes it is.
It tastes like it is made of a mixture of vomit and despair.
And my favourite chocolate is dairy milk (all that high cocoa stuff is OK I suppose, but there are too many choco-ponces around who seem to think someone's worth is measured by the percentage of cocoa in their choice of chocolate).
@Lee
I'll keep avoiding Hershey's then :)
BTW the dark chocolate thing, I'm allergic to dairy products, don't eat beef anymore and avoid milk & milk products so the higher cocoa levels of chocolate has less negative impact on my stomach, and I do like the taste of dark chocolate more than milk chocolate.
@Haku
Actually it's even worse.
An American friend of mine gave all us Brits some Hershey's kisses. We were convinced she was trying to make us leave, they were that bad.
She has since been converted, as have her entire family. She now has to send choccy food parcels back to the USA!
(For some reason this reply was rejected by a moderator - WHY? It is perfectly true, and others have described the taste as "vomit"! Would you like to speak to my friends family in Colorado to verify the authenticity?)
No-one would steal the recipe
Hershey Kisses literally taste of puke. You can slag off Cadbury's Dairy Milk for not being "proper" chocolate, but at least it doesn't taste like the inevitable aftermath of ten pints, a paella and a ride home on a night bus with ineffective shock absorbers.
not completly
It doesn't initially taste like vomit, but the after taste is VOMIT and nothing else fits.
"..accessed the site and changed a baking recipe.."
Let me guess. They noticed something was up when large quantities of unused manure started piling up in their Goods Inwards department....
It'd have to be Goods Inwards
... because if it was Goods Outwards, they still wouldn't have noticed the hack.
Has nobody actually yet come up with......
... two words...
chocolate backdoor
I thought this was going to be,
http://www.snopes.com/business/consumer/cookie.asp
which is, I now remind myself, the "Neiman Marcus cookie recipe story".
Check your facts
I agree with the others - if you're concerned with your privacy, it's easy enough to lie when filling out registration email.
But to the author of this article - you need to check your facts. The reason why websites require birthdates is a legal matter. In many countries, you can't directly market to childern under the age of 13, so if the company wants to send emails to their members, users must provide a birthdate during so the website can cover their a$$.
This topic is closed for new posts.
