Pizza Hut Australia has encountered a severe cyberattack that has led to unauthorized access and potential compromise of customer data. Reports from DataBreaches have revealed shocking details about this breach, with a hacking group named ShinyHunters claiming responsibility for the attack.
According to the gathered information, ShinyHunters managed to infiltrate Pizza Hut Australia’s systems nearly 1 to 2 months ago by exploiting Amazon Web Services (AWS) through multiple entry points. Alarmingly, they assert that they have exfiltrated more than 30 million records, including customer orders and the personal information of over 1 million customers. What makes this situation even more troubling is the fact that ShinyHunters operated stealthily without being detected throughout the entire intrusion.
As proof of their claims, ShinyHunters provided DataBreaches with two sample files. The first file contained records of customer orders, totaling 200,000 entries, each including a wide range of order details, customer information, and payment data. The second file was a JSON file that encompassed the personal details of 100,000 customers. This file included sensitive information such as names, email addresses, postal addresses, longitude, mobile phone numbers, passwords, service type (delivery or pickup), and even credit card numbers. While the credit card data was encrypted and the passwords hashed, other fields were in plaintext.
To validate their claims, DataBreaches spot-checked customer names and found matches with individuals in the corresponding geographic areas within the data samples. ShinyHunters is currently demanding a ransom of $300,000.00 to delete the stolen data. It is notable that ShinyHunters has a history of selling or leaking data when victims do not comply with their extortion demands.
Pizza Hut has yet to respond to ShinyHunters’ demands, leaving customers concerned about the safety of their personal information. Despite being a significant security incident, Pizza Hut Australia has not issued any official notice on their website to alert customers about this breach involving their credit card information.
DataBreaches, an organization that provides data and statistical analyses to Protenus for their Breach Barometer reports, has attempted to reach out to Pizza Hut Australia’s CEO, CFO, and COO for comments regarding the breach. They have inquired whether the company was aware of the security breach, if law enforcement or regulators had been informed, and if customers had been notified. However, as of the publication of this news, no responses have been received from the company.
This attack on Pizza Hut Australia highlights the importance of robust cybersecurity measures and the need for organizations to prioritize the protection of customer data. Customers who have interacted with Pizza Hut Australia are advised to remain vigilant and monitor their accounts for any suspicious activity. It is crucial that Pizza Hut takes immediate action to investigate and address this breach, ensuring that affected customers are notified and appropriate measures are taken to prevent future attacks.
To stay updated on the latest Cyber Security News, it is recommended to follow reliable sources such as Google News, Linkedin, Twitter, and Facebook. These platforms provide valuable insights into evolving cybersecurity threats and offer guidance on how to stay safe online. As organizations strive to enhance their cybersecurity defenses, it is paramount for individuals to educate themselves about potential risks and adopt secure practices to protect their personal information.