This story is over 5 years old.

If You're Going to Hack Domino's, Don't Do This

A group of hackers known as Rex Mundi have done the unthinkable: They've infiltrated the accounts of over 600,000 Domino's pizza customers and are holding the customer data as ransom.
Photo via Flickr user The Pizza Review

A group of hackers known as Rex Mundi have done the unthinkable. They have infiltrated the accounts of over 600,000 Domino's pizza customers in Belgium and France. As nice as it is to think that maybe they just needed help on deciding what toppings to get, these hacker's intentions are more on the malicious end of the spectrum. You see, this customer data is being held ransom. Domino's is being told to cough up over 30,000 euros if they want that precious customer data to stay private.


In an even bolder move, this group wrote their message loud and clear for all the internet to see. They start off:

"Dear friends and foes"—you should already be shaking in your boots. This powerful hacker tactic forces you to ask the age old question, which am I? A friend or a foe? They continue, "Earlier this week, we hacked our way into the servers of Domino's Pizza France and Belgium, who happen to share the same vulnerable database. And boy, did we find some juicy stuff in there!" This was the perfect opportunity for a pun, and they failed to come through. Could "saucy" have worked? We found some saucy stuff in there…no. How about cheesy? Gooey? Hot? We found some hot stuff in there? No. Damn, writing ransom notes is hard.

Moving on: "We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones. That's over six hundred thousand records, which include the customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not)."

Oh God, the horror. Not only do they have your email address but they also have your preferred pizza toppings. There's no telling the damage this can do. Politicians will be outed as mushroom lovers. Mothers will have to face their children and confess to ordering extra olives. Frat bros will be forced to admit that in the privacy of their own dorms, they order thin crust and request light cheese, because deep down they're health-conscious pansies!

The rest of the ransom note states that they've contacted Domino's France and Belgium, and have alerted them of this breach. "We also used the contact forms on their websites to let them know of this vulnerability and to offer them not to release this data in exchange for 30,000 Euros." Nothing says cyber rebel like using the contact form on the official website. If Domino's fails to cough up the dough (now that's a good pun), they'll publish all the information on a public forum. Domino's, however, assures that this group could not have gotten any banking information. Business Insider writes, "A Domino's spokesperson said that the affected data in question only involved names, email addresses, and phone numbers, and emphasized that no banking or financial information was accessed, as the company doesn't retain it." With that in mind, Domino's took this breach to the authorities, making this yet another failed attempt on Rex Mundi's behalf to blackmail a company for money.

Is it wrong to say that I kind of feel bad for them? All these guys want is some monetary compensation for their criminal activity. Rex Mundi, if you really want to put your money where your mouth is, maybe venture out into the 3-D world and go on a real food heist. Those are far more successful. For instance, Russian thieves stole 845 cans of caviar worth $470,000. In Germany, over 5 tons of Nutella was stolen, worth around 16,000 euros. That's a whole month's worth of Nutella! In both cases, the criminals simply stole the trucks containing all the food. Now, that's some good old-fashioned theft. Sometimes it's best to stick to the classics. I wouldn't recommend sticking with Domino's, however, since stealing their pizza from a delivery driver's car would be worth a maximum of $15.