Pizza Hut Australia warns 193,000 customers of a data breach

Pizza with data flying off of it

Pizza Hut Australia is sending data breach notifications to customers, warning that a cyberattack allowed hackers to access their personal information.

The notification warns that the hacker gained unauthorized access to Pizza Hut Australia systems storing sensitive info for customers who made online orders, as well as partial financial data and encrypted account passwords.

“We became aware in early September of a cyber security incident where an unauthorized third party accessed some of the company’s data,” reads the notice sent to customers.

“We have confirmed that the data impacted relates to customer record details and online order transactions held on our Pizza Hut Australia customer database.”

Notice sent to customers (@seamus_polsci)

The information that has been exposed to the network intruders includes the following:

  • Full name
  • Delivery address
  • Delivery instructions
  • Email address
  • Phone number
  • Masked credit card data
  • Encrypted passwords for online accounts

The restaurant chain, which operates in 260 locations in Australia, says recipients of its notices “may wish to consider” updating their password despite being “one-way encrypted” in the database.

Moreover, the notice urges customers to stay vigilant for phishing attacks and suspicious links sent to them via unsolicited communications.

Ultimately, Pizza Hut says the incident only impacts a small number of its customers, and the Office of the Australian Information Commissioner (OAIC) has been fully informed about the situation.

The exact number of impacted customers was disclosed via a statement from a Pizza Hut spokesperson to The Guardian, stating that the incident affected 193,000 people.

Past incidents

At the start of September 2023, DataBreaches reported that the notorious data broker ‘ShinyHunters’ made claims about stealing the data of 1 million customers of Pizza Hut Australia.

The threat actor alleged they gained access via an unprotected Amazon Web Services (AWS) endpoint between July and August 2023, accessing a database with 30 million orders.

Pizza Hut Australia never responded to these allegations, so it is unclear whether the two incidents are in any way related.

Earlier this year, in January 2023, the owner of Pizza Hut, Yum! Brands, was targeted by a ransomware attack that forced the closure of three hundred locations in the United Kingdom.

In April 2023, the firm confirmed that the threat actors had stolen employee information from its networks, albeit it found no evidence that customers were affected by the data breach.

Original Source

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.