Popular pizza chain Domino's Pizza has landed itself in a bit of a pickle (and we're not talking about a pizza topping here!).
Hackers are holding the company to ransom after making off with over 650,000 customer records of consumers in France and Belgium. The stolen data includes personal details of customers such as email address, full name, phone number, delivery instructions and passwords.
The hacking is the work of a group which goes by the name "Rex Mundi," which has demanded a ransom of €30,000 in exchange of not releasing the sensitive customer data. Domino's Pizza has a deadline of 8PM CEST on Monday, June 16, to fulfill the demand; otherwise the hackers threaten to publish the data online.
Rex Mundi posted some sample stolen data on the site dpaste.de, but the account has since been suspended.
"Earlier this week, we hacked our way into the servers of Domino's Pizza France and Belgium, who happen to share the same vulnerable database. And boy, did we find some juicy stuff in there! We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones," revealed Rex Mundi in the post.
The hackers also took to Twitter to announce their heist, but this account too has been suspended.
"If you're a @dominos_pizzafr customer, u may want to know that we have offered Domino's not to publish your data in exchange for 30,000EUR," claimed the tweet from the twitter handle Rex Mundi_Anon.
Domino's France admitted to the hacking which occurred last week via a Twitter post.
"Domino's Pizza uses an encryption system for data. However, we suffered a hack by seasoned professionals and it is likely that they could decode the encryption system including passwords," (translated) noted the Domino's France Twitter account on June 13.
The hacking, however, was "isolated" and does not affect customers elsewhere. Luckily, no details of customer credit card made it into the hands of the hackers. However, it is concerning that passwords were compromised as most individuals use the same password in many places.
With the deadline for the ransom approaching, it will be interesting to see if Domino's Pizza gives in to the demand of the hackers or takes another route.