Pizza Hut Australia has confirmed that its customer data was compromised during a hacking attack on its website, but denied that any credit card information was lost during the incident.
The Pizza Hut website was allegedly hacked by a group called 0-Day and Pyknic, with claims that 240,000 credit card details were stolen in the process. Reports of the hacking event began to surface late last night.
Users who visited the Pizza Hut website were redirected to another page, which claimed that the website had been compromised.
A spokesperson for the company told ZDNet several hours ago that the company was still checking whether claims of the hacking were actually true.
Pizza Hut general manager Graeme Houston issued a statement moments ago, confirming a security breach.
"Pizza Hut can confirm that a layer of its website, pizzahut.com.au, was breached, with access gained to names and contact information, including email addresses," he said.
The fast-food chain has, however, refuted the stolen credit card detail claims. According to a company spokesperson, Pizza Hut doesn't actually hold any credit card information from customers.
"That one's a furphy," a Pizza Hut spokesperson told ZDNet. "[Credit card information] goes through a third-party payment gateway."
What Pizza Hut does collect on its website is information through its online membership application process. This includes names, contact details, home addresses, and what kind of pizzas have been marked as favourites by customers.
According to Houston, Pizza Hut is working with its website providers to conduct a thorough investigation, and has reported the incident to the Office of the Australian Information Commissioner (OAIC).
"The security of our online ordering system has not been compromised in any way, and our customers can continue to order online in the knowledge the ordering system is secure," Houston said. "During the current official investigation with relevant authorities, no further comment will be made by Pizza Hut."