Coincidence?
I think there is possibly more to this than being pro-active I have personally had £160+ of orders placed on the 23th/24th of November.I contacted HH online on the 22nd after receiving what I hoped where spurious e-mails. Turned out they weren't, In total 11 different orders to different restaurants (and bizarrely 2 refunds) placed on the 22nd hit my account on the 23rd and 24th - including the refunds (all £16 of it)! I've only ever made 3 orders with HH twice in May and once in June of this year.
The only reason I knew anything about it was that 2 of those orders where followed up by a rate your meal mail request. HH at this point have simply wiped by payment details, the account is still there pointing to some "other" e-mail address. The order history shows a set of orders placed in Birmingham when the delivery address is in Merseyside (and doesn't even have a house number). On the website it actually says the restaurants are outside the delivery area when you review the order. .
Annoyingly for me it wasn't until the 24th that HH appeared to act and sent me a mail indicating the account was reset and I should sort out any issues with my bank.
I'm hoping my case is isolated - hacked online accounts are an annoying fact of life. What concerns me more here is the complete lack of basic validation, multiple charges to a single payment in an evening, to several different restaurants, with invalid delivery address details in a geographically separate area. Come on HH you can do better than that, this is basic stuff..
Biting the hand that feeds IT
