Ransom Sought in Domino's Pizza BreachHackers Claim Servers Breached; Customer Data Compromised
The hacktivist group Rex Mundi is claiming it breached the servers of Domino's Pizza in France and Belgium, downloading approximately 600,000 customer records.
In a statement posted to dpaste, a text-sharing application, Rex Mundi says it was able to download customers' full names, addresses, phone numbers, e-mail addresses and passwords.
"We immediately sent various e-mails to both Domino's Pizza France and Belgium," the hackers said in the statement. "We also used the contact forms on their websites to let them know of this vulnerability and to offer them not to release this data in exchange for 30,000 euros."
The hackers in their statement say Domino's Pizza has until Monday, June 16, at 8 p.m. CET to pay the ransom. "If they do not do so, we will post the entirety of the data in our possession on the Internet."
Domino's Pizza France, in a statement provided to Information Security Media Group, confirms it was the target of an attack that impacted the company's technology platform used to manage its promotional campaigns in France and Belgium. The illegal access resulted in the potential copying of certain personal data relating to customers, the company says.
"No credit card or bank information relating to any of our clients has been affected by this hacking since the technology platform that was affected does not accept credit card payments, and Domino's Pizza's database does not save this type of information," the company says.
Domino's says it uses an encryption system for its commercial data, but says hackers may have potentially decoded the encryption system, which mainly protects e-mails and passwords.
"The company has immediately contacted the people affected in France and Belgium and invited them to change their password on Domino's Pizza's website to avoid the risk of phishing and fraudulent use of their personal data," the company says.
A complaint has been filed with the director of public prosecutions in Paris, and Domino's Pizza France is working with authorities and appropriate experts to investigate the incident. Domino's declined further comment regarding the ransom.