Pizza Hut Leaks Credit Card Info On 60,000 Customers (kentucky.com) 26
An anonymous reader quotes McClatchy: Pizza Hut told customers by email on Saturday that some of their personal information may have been compromised. Some of those customers are angry that it took almost two weeks for the fast food chain to notify them. According to a customer notice emailed from the pizza chain, those who placed an order on its website or mobile app between the morning of Oct. 1 and midday Oct. 2 might have had their information exposed. The "temporary security intrusion" lasted for about 28 hours, the notice said, and it's believed that names, billing ZIP codes, delivery addresses, email addresses and payment card information -- meaning account number, expiration date and CVV number -- were compromised... A call center operator told McClatchy that about 60,000 people across the U.S. were affected.
"[W]e estimate that less than one percent of the visits to our website over the course of the relevant week were affected," read a customer notice sent only to those affected, offering them a free year of credit monitoring. But that hasn't stopped sarcastic tweets like this from the breach's angry victims.
"Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it."
Re: Nanny state (Score:1)
I need it! Either you get me my stuffed crust or you get on your knees and Instuff your crust. Now what's it gonna be?!?
Re: Nanny state (Score:1)
(gets on knees, opens mouth wide)
Do what you must, stuff my crust.
Re: (Score:1)
All their food tastes like shit now. They cheapened things up and tried to make them healthier. Give me that greasy food they used to make in the 90s.
Cash (Score:2, Interesting)
And folks, that's why cash is best.
Credit cards are nothing but evil. Although, if you want to travel, you can't live without them.
Credit is just an evil. There's very little good about it - for consumers.
Now, business credit is called "leverage" and that's a whole different issue.
But for Joe Public, credit cards should just be outlawed. Just destroy them and their business. If it weren't for them, much of our economic dysfunction wouldn't exist. It just distorts everything....
Re: (Score:2)
Re: (Score:2)
Do the banks go after Pizza Hut for their losses?
I think we can relax (Score:2)
Why do they keep all that information ... (Score:4, Insightful)
on some machine that it capable of being cracked ? Once they have sought payment from the credit card company - why do they keep the CVV number ? If, for some reason, they really need to (eg: easy next order), then keep all that sensitive information on some machine with a very narrow API (eg: charge customer 1234 $20 - tell me if this is approved). Many problem could be, at least partly, mitigated if they did not store everything in one big damn SQL database!
Pizza Hut problems (Score:3, Insightful)
Re: (Score:1)
Tell you what then: Post your CC details here, and I'll go eat at Pizza Hut tonight. We can touch base again here week to see how we're both doing.
1%, Caught within 28 hours, calling in experts (Score:4, Interesting)
According to the article, it affected fewer than 1% of customers that weekend, the intrusion was stopped within 28 hours, and they've called in outside experts to take an objective look at it and help them improve their security posture. They did get hacked, AND they are doing some things right.
It looks like they had some monitoring in place that caught it - good.
They are getting assistance from security professionals - good.
Those professionals don't work for the same internal IT department that had a deficiency in the first place - good.
The fact that they got hacked means there were several things wrong. They should have had multiple layers of security. Yet they are also doing some things right.
