A group named Rex Mundi last week claimed to have breached the systems of Domino’s in Belgium and France, and captured large amounts of customer data. Hours later, the group demanded the €30,000 from Domino’s in exchange for not releasing the data.
The stolen data is believed to include names, email addresses, phone numbers and pizza toppings (the hackers explained the toppings theft thus: “because why not”).
Domino’s said that bank account and credit card details have not been stolen.
Hackers Rex Mundi posted about the data theft earlier this week on online message board dpaste.de. The post has now been removed, but Sky News has a copy of it. The post said:
“Earlier this week, we hacked our way into the servers of Domino’s Pizza France and Belgium, who happen to share the same vulnerable database.
“And boy, did we find some juicy stuff in there! We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones.
“That’s over six hundred thousand records, which include the customers’ full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not).”
The hacking group has been tweeting from @RexMundi_Anon about the Domino’s attack for the past few days.
We hacked the websites of @dominos_pizzafr & Domino’s Belgium, and downloaded 600,000+ customer records. More info: https://t.co/KVJ1SW7UeA
— Rex Mundi (@RexMundi_Anon) June 13, 2014
If you’re a @dominos_pizzafrcustomer, u may want to know that we have offered Domino’s not to publish your data in exchange for 30,000EUR.
— Rex Mundi (@RexMundi_Anon) June 13, 2014