- Pizza Hut: 1M Data Hacked - September 19, 2023
- $1.25B Heist: Web3’s Ongoing Plunder - September 18, 2023
- DPRK-Linked Hackers Suspected in $40M Cryptocurrency Heist - September 16, 2023
Hacker group ShinyHunters recently claimed to have gained access to the data of more than a million customers of Pizza Hut pizza chain in Australia. According to the attackers, they exploited vulnerabilities in the AWS service to breach the system 1-2 months ago and stole more than 30 million lines of confidential information.
Data Heist: Threats to Pizza Hut and Beyond
The data samples posted by the hackers contained order information including names, addresses, phone numbers and encrypted customer bank card details. Verification by experts confirmed the authenticity of the stolen data.
The ShinyHunters hackers are demanding $300,000 for the removal of the stolen information. Previously, the group has already posted publicly available data of companies that refused to pay the ransom. Pizza Hut in Australia has not yet publicly commented on the incident and has not responded to the attackers’ demands.
The company’s official website and social media accounts are also so far devoid of any information about the hack or notification to customers. Questions about the data theft sent to Pizza Hut management by local media have also gone unanswered so far.
The stolen data can be used to steal money from bank cards, phishing attacks and other criminal purposes. The incident jeopardizes the security of one million customers of a pizza chain in Australia.
While colossal in scale, the incident still hasn’t overtaken another major event that occurred in Australia this year. The March attack on Australia’s Latitude Group literally devastated the company, only narrowly avoiding wiping out the entire business, thanks in large part to good management and numerous mitigation measures.
Such incidents demonstrate the vulnerability of large companies to hacker groups and emphasize the importance of ensuring strong protection of internal company data, confidential information about customers, partners and employees.
The theft of millions of people’s personal data is a serious crime that carries significant reputational and financial risks for any business.