Pizza Hut U.S. notified customers over the weekend a “temporary security intrusion” on PizzaHut.com, the security breach might have exposed payment card and contact information.
The popular restaurant chain notified users via email, according to Pizza Hut, the hackers had access to the website for a total of roughly 28 hours, between the morning of October 1, 2017 through midday on October 2, 2017.
“The security intrusion at issue impacted a small percentage of our customers and we estimate that less than one percent of the visits to our website over the course of the relevant week were affected,” read a message sent only to those affected. “That said, we regret to say that we believe your information is among that impacted group.”
The data-center fielding calls on the incident told journalists that some 60,000 consumers had been affected in the breach.
Pizza Hut released their breach notice over the weekend – but a full 2 weeks after the breach happened.
Were they thinking that over the weekend, less people (and perhaps journalists/bloggers) would notice? Perhaps they were. We retweeted about it over the weekend, but some users are VERY annoyed as their credit cards have been fraudulently used – and rightfully so:
@pizzahut great security there & thanks for the delay in notifying us after thieves already charged our accts. Keep up the excellent work
— Michael Richardson (@marichardsonjr) October 14, 2017
so @pizzahut sent an email today about a breach that occurred 2 weeks ago. their delay resulted in my bank acct being drained thx to fraud.
— ᴄᴏᴜʀᴛɴᴇʏ. (@runawaywithit) October 14, 2017
Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it.#timely
— Peter Yoachim (@PeterYoachim) October 14, 2017
@pizzahut, 2 wks after you lost my cc # and a week after someone started using it, I hear about the breach online. Ty 4 the heads up. #fail
— Dustin Falgout (@dustinfalgout) October 15, 2017
Is it time that we had legislation on how timely a data-breach must be? We think it might…
Meanwhile, there is a real probability that had their web services employed data-leak protection solutions, they would have been alerted to systems leaking data much quicker they were.
While a large corporation like Pizza Hut will probably weather the breach and negative PR storm, would your small business handle it? Maybe not! Make sure your small connected business has state of the art Data Leak Protection systems in place! We can help with this!