Taking a break from their world-class social media account, Domino's French Twitter account was tasked with admitting that the pizza chain had been hacked, and personal info from over 600,000 customers in France and Belgium had been stolen.
Whoops; that's not it. Here we go:
Screenshot: the author's
The gist of the tweets is that this was probably the work of professionals, Domino's wants you to change your password, and they're sorry.
The culprits go by the handle Rex Mundi and, in a post on Dpaste.de, demanded 30,000 euros to keep the information in question—which according to the hackers includes “the customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not)”—secret. Given what passes as cheese on a Domino's pizza, I should think that French customers would be ruined by the release of this information.
But Domino's will not be threatened and will not negotiate. Taking a stand that's zestier than their zestiest ball of chicken, Andrew Rennie, the chief executive of Domino's Pizza Enterprise Europe, vowed not to be intimidated.
“We refuse to be extorted and we are not going to play that game,” Rennie told the Financial Times. “It cannot be good for anybody if companies pay ransoms. We have to take a stance on this.”
Whether or not the Domino's customers of France and Belgium wish to be dragged to the hacking barricades, it looks like they're going there alone. According to Domino's Vice President of Communications Tim McIntyre , the hacking was isolated to independent franchise markets in the neighboring nations, although judging from the language that the Belgian info is in, it seems they have gotten both Flanders and Wallonia in Belgium.
This won't be Domino's Waterloo, though, as the online ordering system didn't collect credit card orders, which makes this sort of the Domino's Pizza of a hack—inexplicably far reaching, but sort of a let down.
This isn't the first time that Rex Mundi has struck. Unlike hacktivists, Rex Mundi doesn't make any claims beyond simply wanting money. In 2012, they published thousands of loan-applicant records that they had taken from AmeriCash Advance's website, after the payday lender refused to pay the $15,000 and $20,000 ransom, which Ted Samson at InfoWorld noted they called an "idiot tax." In 2013, Mundi threatened to release information they had swiped from the Belgian financial company Buy Way and demanded $20,000 not to release it, which they claim another company offered to do .
Anyway, if you needed further proof that everything you do online can and will come to light, even those shameful moments of sloth where you're too lazy to even order a decent pizza. Keep this in mind.