Pizza Hut is facing a lot of angry customers this week after it waited two weeks to inform them of a security breach. Anyone placing an order in the US using the company’s website or mobile app on Oct. 1-2 may have had their credit card details stolen.
Pizza Hut sent out an email to customers on October 14, informing them of the breach. The company classed it as a “temporary security intrusion,” which made transactions carried out between the morning of Oct. 1 and midday October 2 vulnerable.
The information stolen includes names, delivery addresses, email addresses, and payment card information including the number, expiration date, and the CVV number.
Some customers are now reporting their cards have been used fraudulently; presumably if Pizza Hut had informed customers of the breach immediately, action could have been taken to cancel cards and avoid the fraud.
“We quickly resolved a third-party security intrusion on our website and mobile app that may have compromised the information of a limited number of customers for a short period of time,” the statement issued by Pizza Hut said. “Pizza Hut identified the security intrusion quickly and took immediate action to halt it and remediate the security issue.
“We estimate that less than one percent of the visits to our website the week of the incident was affected. We take the privacy and security of our customers very seriously and invest in resources to protect the customer information in our care. We value the trust our customers place in us and while we were able to address this incident quickly, we regret that this happened and apologize for any inconvenience this may have caused,” the statement continues.
Pizza Hut is offering a year of free credit monitoring with Knoll Information Assurance, affected customers have up to January 11 to register for the service.
Based Blockchain Network