Pizza Hut customers took to Twitter to express their anger after learning the company failed to notify affected customers for nearly two weeks after discovering a data breach that exposed customer’s credit card details.

It seems like every day there’s another big name company caught leaving the front door open and the windows unlocked for hackers to wreak havoc and cause stress to its customers. First up this week? Pizza Hut.

“Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it. #timely,” one unsatisfied customer tweeted this morning.

The pizza giant released a statement claiming a very small percentage of its customers who visited the US website or mobile app during a 28 hour period (from morning Oct 1, 2017, to mid-day Oct 2), and subsequently placed an order, may have had their credit card details compromised.

The compromised data includes the usual: Full names, billing zip codes, addresses, email addresses, and payment card details, including card numbers, expiration dates, and security codes.

Despite the public outcry regarding the delay in notifying impacted customers, Pizza Hut firmly stands behind their actions claiming to have identified the security mishap quickly and took immediate action to stop the incident from going any further.

Its good news for Pizza Hut that the General Data Protection Regulation (GDPR) is not yet in effect, because come May 25, 2018, incidents like these could cost companies’ fines of up to 20m, or 4% of global turnover. That’s a tough price to pay for delayed breach notification, but given the emphasis on ‘any data breach that may cause ‘serious harm’ to individuals affected by the breach,’  Pizza Hut breach would fall directly into this category.

When a customer’s financial data is compromised, they become vulnerable to identity theft, which is likely to cause emotional distress and extreme amounts of financial damage to an individual. It’s in a company’s best interest to begin notifying impacted customers immediately in an effort to maintain a level of trust with customers, minimize the damage for those impacted customers, and minimize the amount of bad press associated with suffering from a data breach.


Read this article on ComputerWeekly



NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
1175 Peachtree St NE
Atlanta, Georgia, 30361.
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.