Usually when we report on a hacking, it has something to do with a retail store or a tech firm. However, this hacking group decided to go in a different direction and stole 650,000 passwords from Domino's Pizza. The group is demanding €30,000 (which works out at £23,892) by 7PM BST tonight or it will publish all of the customer data.
The hacking group is known as Rex Mundi, which claims to have accessed Domino's French and Belgian databases. The group tried to publicize the ransom by posting a statement on dpaste.de:
“We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones … [including] the customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not).”
If Domino's doesn't cough up the cash by the end of tonight, then Rex Mundi will “will post the entirety of the data in its possession on the internet.” The group has also been taunting the company through Twitter, asking if it thinks that its customer data and privacy is worth the €30,000 asking price.
However, despite all of the threats, the group hasn't offered up any proof that it holds such sensitive information publicly, although it is possible that it has sent some form or proof to Domino's privately. Domino's France has offered a statement on its Twitter page, warning users to change their passwords as it is probable that the hackers “will have been able to decode the cryptographic system for the passwords.”
Discuss on our Facebook page, HERE.
KitGuru Says: It looks like Domino's might want to tighten up its security as cyber crime is becoming increasingly common. We'll have to wait and see what happens later on tonight. Do you guys think Domino's should pay the ransom in an attempt to protect its customer data? After all, there is no guarantee that the group won't hold on to the information or sell it on the black market later on. However, at the same time these companies do have a duty to protect customer data and stop things like this from happening.