# Over One Million Pizza Hut Australia Customers' Details Compromised in a Massiv...
In what has been a troubling year for Australian citizens concerned about their personal information, another cybersecurity incident has come to light. This time, the victims are reportedly over a million customers of Pizza Hut Australia. The threat actors behind this data breach have identified themselves as the notorious ShinyHunters threat group.
## ShinyHunters' Intrusion via Amazon Web Services
ShinyHunters, under the moniker “Shiny,” claims to have infiltrated Pizza Hut Australia's systems approximately one to two months ago. Their point of entry? [Amazon Web Services](https://www.secureblink.com/cyber-security-news/defunct-marketing-firm-reindeer-exposed-32-gb-worth-of-customer-data-via-a-faulty-amazon-s3-bucket) (AWS), which they leveraged through multiple access points.
What's particularly alarming is that they assert that their presence was completely undetected during this period of unauthorized access.
In 2020, the ShinyHunters gang gained infamy due to a series of cyberattacks that compromised the security of over 60 companies.
Among their corporate targets were online dating platforms, a service for creating photo books known as Chatbooks, and even stock-trading services.
Even tech giant Microsoft wasn't spared, as the group managed to pilfer more than 500GB of source code from Microsoft's confidential GitHub repository.
Despite law enforcement efforts to apprehend suspected members of this hacking group, ShinyHunters remains an ongoing concern for businesses entrusted with the critical task of safeguarding their customers' sensitive information.
## Extent of this Data Leak
The scale of this breach is staggering. ShinyHunters declares that they have successfully exfiltrated more than 30 million records. Among this treasure trove of data are customer orders and information pertaining to over one million Pizza Hut Australia customers. This includes a detailed breakdown of order history, delivery preferences, and contact details.
## Evidence of this Data Breach
To substantiate their claims, ShinyHunters provided DataBreaches with two sample files. The first file contained 200,000 records of customer orders, encompassing a wide array of information, such as order IDs, customer names, contact information, payment details, and even webhook URLs. This information was startlingly comprehensive.
The second sample file was in JSON format and contained the personal information of 100,000 customers. It included their names, email addresses, postal addresses, mobile phone numbers, service preferences (delivery or pickup), and credit card numbers. Although the credit card data was encrypted, it is concerning that other sensitive fields were stored in plaintext.
## Geo-Verification and Demands
We conducted spot checks on customer names and discovered individuals whose details matched the geographic location provided in the data samples. This corroborates the authenticity of the stolen data.
ShinyHunters has issued a ransom demand, seeking $300,000.00 in exchange for deleting all the compromised data. It's worth noting that ShinyHunters is known for selling or leaking data when their demands are not met. Thus far, Pizza Hut has not responded to their extortion attempts.
## Ransom Demands and Extortion
ShinyHunters' demand for a $300,000.00 ransom underscores the financial motivations behind this data leak. Organizations must develop incident response plans that include strategies for dealing with extortion attempts. Engaging with law enforcement and cybersecurity experts is crucial in such situations.
## Franchise Data Security
The presence of a "StoreID" field in the data raises questions about data management within franchise models. Security professionals should work closely with franchisees to ensure consistent cybersecurity practices and data protection measures across the entire network.
## Lack of Communication
The absence of any data breach notification on Pizza Hut Australia’s website is a significant oversight. Security professionals should emphasize the importance of timely and transparent communication with affected customers, regulators, and law enforcement agencies during and after a breach.
## Pizza Hut Australia's Response to the Data Breach
In the wake of the data breach affecting Pizza Hut Australia, the company has taken several steps to address the situation. Let's examine their response from a cybersecurity perspective:
### Prompt Notification
Pizza Hut Australia reacted promptly by notifying affected customers via email. Timely notification is a crucial component of incident response, helping individuals take necessary precautions to protect themselves from potential threats.
### Transparency and Reassurance
The company's communication emphasized that there was no evidence of personal information misuse and that the exposed data cannot directly lead to identity theft or fraud. This transparency helps mitigate panic among affected customers and demonstrates a commitment to their security.
### Data Breach Reporting
Pizza Hut Australia reported the breach to the Australian Information Commissioner. This is a legal obligation in many jurisdictions and showcases the organization's commitment to complying with data protection regulations.
### Protection of Credit Card Details
Pizza Hut's assurance that credit card details remain secure due to processing by an approved payment platform is reassuring. It underscores the importance of secure payment processing mechanisms as an additional layer of defense against data breaches.
### Customer Vigilance
Encouraging customers to remain vigilant regarding suspicious emails, SMS messages, and phone calls is a proactive measure. Education and awareness are critical aspects of cybersecurity, as they empower individuals to identify and report potential threats.
### Scam Reporting
Pizza Hut Australia advises customers to report scams to Scamwatch. This collaborative approach to combating fraud and cybercrime is commendable. It leverages established authorities to investigate and take action against threat actors.
The Pizza Hut Australia data breach, attributed to the ShinyHunters threat group, adds to the persistent impact cyberattacks have had on fast food restaurant chains. This incident underscores the need for a comprehensive and proactive approach to cybersecurity, including:

- **Cloud Security:** Rigorous assessment of cloud infrastructure and access controls is imperative to prevent unauthorized access via cloud platforms like AWS.
- **Data Protection:** Strong encryption and hashing practices should be employed to safeguard sensitive information rather than leaving it stored in plaintext.
- **Incident Response:** Organizations must develop robust incident response plans that encompass strategies for handling ransom demands and engaging with law enforcement.
- **Franchise Collaboration:** For businesses with franchise models, consistent cybersecurity practices and data protection measures should be enforced across the entire network.
- **Communication:** Timely and transparent communication with affected parties, regulatory bodies, and law enforcement is critical in mitigating the fallout of a data breach.
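The sample file described above stored card numbers encrypted but names, emails, addresses and phone numbers in plaintext. The script below is an added example (not code from the article or from Pizza Hut) of the kind of data-at-rest audit a defender can run over an exported customer dump to find exactly that mismatch: it classifies each sensitive field as readable or protected and shows a keyed hash for pseudonymizing a lookup column such as email. The JSON key names, the `enc:` prefix convention for already-protected values, and the sample records are all assumptions constructed for the example.

```python
import hashlib
import hmac
import json
import re

# Hypothetical JSON keys: the article names the data classes (names, emails, postal
# addresses, mobile numbers, card numbers) but not the actual field names in the dump.
SENSITIVE_FIELDS = ("name", "email", "address", "mobile", "card_number")

# Assumed storage convention: a value already encrypted or tokenized carries this prefix,
# so plaintext detection can start with a cheap prefix check.
PROTECTED_PREFIX = "enc:"

EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[a-z]{2,}$", re.I)
PHONE_RE = re.compile(r"^\+?\d[\d\s-]{7,}$")


def luhn_ok(number: str) -> bool:
    """True when the digit string passes the Luhn checksum (a sanity check for card numbers)."""
    digits = [int(c) for c in number if c.isdigit()]
    if len(digits) < 12:
        return False
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def is_plaintext(field: str, value) -> bool:
    """Decide whether a sensitive field is stored readable rather than encrypted/tokenized."""
    if not isinstance(value, str) or value.startswith(PROTECTED_PREFIX):
        return False
    if field == "email":
        return bool(EMAIL_RE.match(value))
    if field == "mobile":
        return bool(PHONE_RE.match(value))
    if field == "card_number":
        return luhn_ok(value)
    return bool(value.strip())  # name / address: any readable text counts


def audit_record(record: dict) -> list:
    """Return the sensitive fields this record stores in plaintext."""
    return [f for f in SENSITIVE_FIELDS if f in record and is_plaintext(f, record[f])]


def pseudonymize_email(email: str, key: bytes) -> str:
    """Keyed hash (HMAC-SHA256) of a normalized email: joinable across tables, not reversible without the key."""
    normalized = email.strip().lower().encode()
    return "hmac:" + hmac.new(key, normalized, hashlib.sha256).hexdigest()


# Constructed sample dump: record 1 mirrors the plaintext pattern the article describes,
# record 2 shows every sensitive field protected. Neither comes from the leaked files.
SAMPLE_JSON = """
[
  {"customer_id": 1, "name": "Test Customer", "email": "test@example.com",
   "address": "1 Example St", "mobile": "+61 400 000 000",
   "card_number": "4111111111111111", "service": "delivery"},
  {"customer_id": 2, "name": "enc:v1:Q2lwaGVy", "email": "enc:v1:Q2lwaGVy",
   "address": "enc:v1:Q2lwaGVy", "mobile": "enc:v1:Q2lwaGVy",
   "card_number": "enc:v1:Q2lwaGVy", "service": "pickup"}
]
"""


def audit_dump(raw_json: str) -> dict:
    """Map customer_id -> list of plaintext sensitive fields, for records that have any."""
    findings = {}
    for rec in json.loads(raw_json):
        exposed = audit_record(rec)
        if exposed:
            findings[rec["customer_id"]] = exposed
    return findings


if __name__ == "__main__":
    for cid, fields in audit_dump(SAMPLE_JSON).items():
        print(f"customer {cid}: plaintext {', '.join(fields)}")
```

Run against a real export, the output is the list of records (and fields) that would be directly readable to anyone who exfiltrates the store, which is the remediation backlog for the encryption-at-rest recommendation. The HMAC helper is for columns that still need to be searchable or joinable; fields that only need to be displayed back to the customer belong behind field-level encryption with a key held outside the database.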
As the threat landscape continues to evolve, proactive measures and a commitment to best practices are essential for organizations to protect themselves and their customers from the ever-present threat of cyberattacks.