About Thawte

News

Cybercriminal activity: Domino's Pizza blackmailed by hackers

Recently, cybercriminals stole the account information of more than 600,000 Domino's customers in France and Belgium. However, instead of selling this data on underground marketplaces - which is the typical next step in a data breach of this kind - the hacker group blackmailed the restaurant.

While this type of attack is nothing new in the cybercriminal world, it does continually illustrate the importance of establishing strong protection measures to safeguard customers' sensitive information.

Domino's customer data held hostage by hackers
According to ZDNet, one hacker group tweeted that it had infiltrated Domino's systems and stolen more than 592,000 records from French customers, and over 58,000 records from Belian customers. The stolen data included consumers' names, house and email addresses, phone numbers, passwords and delivery details. Cyberthieves even went so far as to obtain the customers' favorite pizza toppings, boasting about that on their social media page as well.

"Earlier this week, we hacked our way into the servers of Domino's Pizza France and Belhium, who happened to share the same vulnerable database," the hacker group, which uses the Twitter handle @RexMundi_Anon, tweeted. "And boy, did we find some juicy stuff in there!"

Instead of running straight to the black market for a quick payout, however, the cybercriminals posted on Twitter that Domino's could prevent this information from being exposed to the public if they paid the group €30,000 (or more than $50,000) before 8 p.m. on June 16. The cybercriminal collective then extended the deadline to 5 a.m. the following day.

All the while, the group continued to post on their social media platform, noting that if the restaurateur didn't pay the ransom, customers should probably seek legal help.

"If @dominos_pizzafr doesn't pay us tomorrow and we publish your data, u have the right tosue them. Speak to ur lawyer!" the cybercrimnals' Twitter stated.

However, Business Insider noted that the company decided to take action, and their efforts did not include withdrawing a considerable sum from the back to pay off hackers. Instead, Domino's alerted French authorities to the breach and compromised customer information. This is just the most recent in a line of failed blackmail attempts by the hackers.

Protecting customer data
While Domino's clients have yet to see their favorite pizza toppings and other information published, this does serve as a wake up call to all businesses. Although the cybercriminals failed, they highlighted the weaknesses within Domino's system, including its shared database.

In order to better protect customer information, each branch of a company should have its own private server arrangement, separate from other resources. This content should also be safeguarded with authentication credentials to ensure that no unauthorized users can access the system. Furthermore, with encryption in place, even if hackers are able to sidestep the password protections, the content they access will be unreadable. If the pizza company had had these safeguarding measures in place, it would have considerably reduced their chances of being so publicly impacted by the breach.

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950

We have updated our Privacy Policy which can be found here.

Thawte is a leading global Certification Authority. Our SSL and code signing digital certificates are used globally to secure servers, provide data encryption, authenticate users, protect privacy and assure online identifies through stringent authentication and verification processes. Our SSL certificates include Wildcard SSL Certificates, SAN /UC Certificates and Extended Validation SSL Certificates.

What is an SSL Certificate Which SSL Certificate is Right for Me? Why Choose Thawte?