- SMB Spotlight
The hackers behind a cyber-blackmail scam targeting Domino's Pizza failed to deliver on the threat to publish stolen customer data online, the firm has told V3.
The Rex Mundi hacking group claimed responsibility for stealing 600,000 customers' details from Domino's French and Belgian websites on Twitter last Friday. It threatened to publish the details online if the company did not pay €30,000 by the end of Monday 16 June.
The data reportedly included customers' names, phone numbers, email, street addresses and passwords.
Rex Mundi’s Twitter account was suspended before the deadline passed and there was no word from the group afterwards, leaving it unclear if it had followed up its threat, or if Domino's had paid.
A Domino's spokesman told V3 that the group went quiet because the firm called its bluff and did not pay the blackmailers.
“Nothing happened. Nothing. Once the franchise learned of the breach, they patched it up and contacted all of their online customers. Because there was no financial data involved, it boiled down to the mere inconvenience of having to change a pizza-ordering password,” said the spokesman.
“The hackers’ account was disabled by Twitter and they did not follow through on their threat to release the information. They got a bit of publicity, but nothing more. Everyone has moved on.”
Kaspersky security researcher Marta Janus told V3 the attacks like the one on Domino's are fairly common and she expects to see similar blackmail schemes in the near future.
“We have often seen hackers use Twitter to blackmail companies, not only with stolen data, but also with the threat of DDoS [distributed denial of service], etc. Because Twitter is used so widely by companies, it is an attractive platform for hackers to make threats anonymously.”
Domino's is one of many firms to suffer a data breach. Security firm Avast revealed that hackers had successfully stolen the personal details of 400,000 customers in May while eBay, Spotify and Office were all also hit.
The commonality of data breaches has led many security experts and analysts to view them as one of the biggest threats facing businesses.
Research from PwC and the UK Department for Business, Innovation and Skills (BIS) reported that each successful breach costs firms as much as £1.15m.