Pizza Hut hacked, customer info lost, credit card details safe

Pizza Hut hacked, customer info lost, credit card details safe

Summary: The company denies that 240,000 customer credit card details were stolen, but hackers did gain access to customer information.

SHARE:
TOPICS: Security, Australia
2

Pizza Hut Australia has confirmed that its customer data was compromised during a hacking attack on its website, but denied that any credit card information was lost during the incident.

The Pizza Hut website was allegedly hacked by a group called 0-Day and Pyknic, with claims that 240,000 credit card details were stolen in the process. Reports of the hacking event began to surface late last night.

Users who visited the Pizza Hut website were redirected to another page, which claimed that the website had been compromised.

A spokesperson for the company told ZDNet several hours ago that the company was still checking whether claims of the hacking were actually true.

Pizza Hut general manager Graeme Houston issued a statement moments ago, confirming a security breach.

"Pizza Hut can confirm that a layer of its website, pizzahut.com.au, was breached, with access gained to names and contact information, including email addresses," he said.

The fast-food chain has, however, refuted the stolen credit card detail claims. According to a company spokesperson, Pizza Hut doesn't actually hold any credit card information from customers.

"That one's a furphy," a Pizza Hut spokesperson told ZDNet. "[Credit card information] goes through a third-party payment gateway."

What Pizza Hut does collect on its website is information through its online membership application process. This includes names, contact details, home addresses, and what kind of pizzas have been marked as favourites by customers.

According to Houston, Pizza Hut is working with its website providers to conduct a thorough investigation, and has reported the incident to the Office of the Australian Information Commissioner (OAIC).

"The security of our online ordering system has not been compromised in any way, and our customers can continue to order online in the knowledge the ordering system is secure," Houston said. "During the current official investigation with relevant authorities, no further comment will be made by Pizza Hut."

Topics: Security, Australia

Spandas Lui

About Spandas Lui

Spandas forayed into tech journalism in 2009 as a fresh university graduate spurring her passion for all things tech. Based in Australia, Spandas covers enterprise and business IT.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • The way Credit Cards are really handled.

    As a previous Pizza hut employee I only eat Domino's and Pizza Capers... not going into detail.

    Worst part is the whole credit card being processed by a third party thing is a lie, when you order something online with a Credit card it actually just prints it out on your receipt (not customer receipt but the internal order receipt) which being a delivery usually the driver would process this payment using the eftpos machine out the front. We would be told to then Throw the receipt into the bin.

    This I feel is a big issue and not very safe, it gets printed next the be pizza bench which would have an employee cutting and boxing pizza's which might move it or hand it to a driver which would then take it out the front and and process it (or hand it to the person working out the front to do if not busy) to then throw it in the bin. (which any employee can easily pick up or any random person could find it in the trash in the big bin out the back)

    So in the end you've got all these people you don't know handling your Credit Card information.

    Pretty slack...
    soisyamum
    • Wrong!

      Soisyamum, it is obviously been some time since you have worked in a Pizza Hut store then. Billing of orders from their call centre and the website is no longer done in store it is done electronically before the order is processed to the store. The front counter EFTPOS is only for in store pick up orders now. Not only that, the credit number can not be accessed by store staff or drivers as it is encrypted.

      Get your facts straight before making a incorrect comments.
      Driver_05