Pizza Hut Australia has suffered a data breach in which tens of thousands of its customers’ sensitive information was stolen, according to a breach notification the company sent to affected customers.
During the intrusion, the attackers stole sensitive data from 193,000 restaurant customers, including full names, delivery addresses and directions, email addresses, phone numbers, masked credit card data, and encrypted account passwords.
No hint of ransomware.
Affected users “may want to consider” updating their passwords, the notification said. However, there are more ways hackers can use this information, including identity theft and phishing. Customers should also be wary of any email claiming to be from Pizza Hut Australia.
The company reported the incident to the Office of the Australian Information Commissioner (OAIC). Although not clearly stated, the relevant law enforcement organizations are likely to have been notified as well. It claims that these 193,000 people represent only a “small number” of its customers.
The company also did not discuss the nature of the attack. Given that there is no record of its operations being stopped or disrupted in any way, it is safe to assume that this was not a ransomware attack.
In modern times, ransomware attackers have started to avoid deploying an encryptor, and instead focus only on data exfiltration. Apparently, an encryptor is very expensive and cumbersome to develop, maintain, and deploy, while the same results (financially) can be achieved by simply stealing the data.
There was also no word of any possible interaction with the hackers. It’s also safe to assume that data will leak onto the dark web sooner or later.
through Bleeping computer
More from TechRadar Pro
- Top Data Breaches and Cyber Attacks of 2022
- Here is a list of the best malware removal services.
- These are the best privacy tools out there right now.