Hackers have threatened to expose the details of over 600,000 Dominos Pizza customers after hacking the firm’s website.
The group, which goes by the name Rex Mundi, said it had hacked the servers of Domino’s Pizza France and Belgium thanks to a “vulnerable database”, downloading the details of 592,000 French and 58,000 Belgian customers.
These included customers’ name, full address, phone number, email and even info on their favourite pizza
toppings.
The group claimed that the company has until 8pm CET on Monday to respond to its demands.
“We immediately sent various emails to both Domino's Pizza France and Belgium. We also used the contact forms on their websites to let them know of this vulnerability and to offer them not to release this data in exchange for 30,000 Euros,” it said.
“So far, Domino's Pizza has not replied to our demands. We would also like to point out that both of their websites are still up and vulnerable.”
Steve Smith, MD of data security firm Pentura, argued that the value of sensitive data to cyber criminals should never be underestimated.
“People should also be very cautious about clicking on links in emails which claim to be from Domino’s, no matter how authentic they seem to be,” he added. “There’s a very real risk that attackers will try and exploit this attack to send phishing emails to users, to try and harvest more sensitive data.”
Jason Hart, VP cloud solutions at SafeNet, argued that criminals will always follow the path of least resistance.
“The fact that financial information was not compromised minimises the severity of the breach. But given the increasing number of data breaches we’re seeing, it’s clear that companies need to start thinking about encrypting more than just financial data,” he added. “If not they run the risk of losing customers to those competitors that do.”