Establishing Digital Trust: Don't Sacrifice Security for Convenience
The Australian Web site for Pizza Hut was recently hacked, and customer data was compromised.
"The Pizza Hut website was allegedly hacked by a group called 0-Day and Pyknic with claims 240,000 credit card details were stolen in the process," writes ZDNet's Spandas Lui. "Reports of the hacking event began to surface late last night. Users that visited the Pizza Hut web site were redirected to another page which claimed the website has been compromised."
"This might put your mind at ease about the state of your dough, though: the restaurant told us this morning that it’s simply impossible for the hackers to have obtained credit card information from customers, simply because it doesn’t hold them internally," writes Gizmodo's Luke Hopewell. "As per PCI DSS rules, credit card numbers are handed off to a secure, authorised, third party to process and store transactions so that when these incidents go down, hackers don’t walk off with the whole pie."
Still, Pizza Hut did confirm that customer names and contact information (including e-mail addresses) were accessed.
"The company has notified the Office of the Information Commissioner and an investigation into the matter has been launched by Pizza Hut in collaboration with their website provider," writes Softpedia's Eduard Kovacs. "Pyknic is the same hacker (or hacker collective) who defaced several NBC websites on November 4."