Pizza Hut has revealed it suffered a data breach on October 1, which lead to customers having their payment details swiped by hackers and used to commit fraud.
“Pizza Hut has recently identified a temporary security intrusion that occurred on our website,” the company wrote in the email, according to Beeping Computer.
“We have learned that the information of some customers who visited our website or mobile application during an approximately 28-hour period (from the morning of October 1, 2017, through midday on October 2, 2017) and subsequently placed an order may have been compromised.
“Pizza Hut identified the security intrusion quickly and took immediate action to halt it.”
However, Pizza Hut appears to have been too slow to react as people tweeted the company angrily noting that the data breach had led to cyber criminals attempting to use their stolen credit card details, and criticising Pizza Hut for taking two weeks to inform them of the data breach.
— Peter Yoachim (@PeterYoachim) October 14, 2017
But the pizza delivery company was adamant that only a small number of its customers had been affected: “The security intrusion at issue impacted a small percentage of our customers and we estimate that less than one percent of the visits to our website over the course of the relevant week were affected.”
A slow response to the data breach could land Pizza Hut in hot water with the Information Commissioner’s Office, which takes a dim view on poorly handled breaches in data security.
Pizza Hut is not alone in suffering data breaches and theft, as its rival Dominoes also had data stolen from it and held at ransom by cyber criminals.
Quiz: Are you a security pro?