recipesTimothy Lillis

Best Breached Hummus

recipesTimothy Lillis
Best Breached Hummus

Alton (not his real name) had just gotten a food processor, so he was trying out hummus and salsas and the kinds of culinary endeavors Antoni Porowski would approve of. Though thousands of his emails were leaked, very little of his personally-identifiable information got out. He was fortunate, as that’s not always the case.

Best Breached Hummus

We’ve all gone through phases.

Some phases we showcase proudly online, whether that’s shipping characters in our favorite fandom, tweeting Johnny, Johnny memes or relaxing to ASMR videos. But those are phases we proudly live out loud online, and we’re in control of what we choose to share. Other phases are understandably more personal, and we’d prefer to keep them to ourselves.

Alton went through a pureed food phase. It wasn’t a big deal. It wasn’t highly private. He was fine with sharing his cooking adventures, even though in the end how he shared wasn’t by choice. His email—along with the contents of about a thousand of his messages—was part of a data breach. One of those emails included a hummus recipe he traded with a coworker.


  • 2 cups chickpeas (canned or soaked and cooked)

  • 1/2 cup chickpea can juice or water

  • 2 cloves garlic

  • 2/3 cup tahini paste

  • 1/4-1/2 tsp salt (usually closer to 1/4 for canned)

  • 1 tbsp lemon juice

  • 1 tbsp olive oil


If soaking and cooking chickpeas, I recommend soaking 1lb overnight with 1/4 tsp of baking soda. Then simmer on low-med heat for 2-2.5 hours.

  1. Measure chickpea juice and set aside.

  2. Chop garlic coarsely.

  3. Combine chickpeas, juice, and garlic in food processor. Puree to paste.

  4. Add other ingredients. Puree to desired consistency.

  5. Taste and season as desired.

  6. Eat hummus.

If your email address or passwords are part of a data breach, sometimes the fix is as simple as updating your passwords across the board, especially if you use the same password for more than one account.

“I do try to use password generators when I’m creating passwords for things that I consider to be sensitive accounts,” Alton said.

If you’ve been part of a data breach, it’s a good idea to create new secure and unique passwords, store those passwords in a password manager and double down on security with two-factor authentication where available.

We often hear about data breaches that affect our consumer accounts, like Yahoo and LinkedIn. However the breach that involved Alton’s account affected his employer, an eye opening experience for him. He offers this advice: “Be better informed about your organization’s data practices and how secure they’re keeping your information.”

While it’s our responsibility as citizens of the internet to protect ourselves, it’s also on the companies we work for and websites and services we use to collect and store only what they need. Many companies we all engage with online ask for our trust without necessarily earning it because they don’t give people meaningful choices surrounding our privacy. To help businesses and developers be more privacy aware, we created these lean data practices along with a toolkit. Do you know what’s happening with our data at work? If not, this toolkit can help start that conversation.


More Recipes