Although Domino's Pizza refused to pay a ransom, the hacking group Rex Mundi has yet to follow through on threats to release stolen customer data.

Sara Peters, Senior Editor

June 19, 2014

2 Min Read

Last week, hacking group Rex Mundi announced that it had stolen the customer records of 650,000 French and Belgian pizza fans, and would publish those records unless Domino's paid a ransom of €30,000 by Monday at 8:00 p.m. CST. Domino's refused. Yet it's now three days since the deadline to pay up passed, and Rex Mundi has still not followed through on its promise to publish the data it stole.

The data in question was slurped from the pizza chain's Belgian and French websites, where it was secured with a wee MD5 hash.

Rex Mundi claimed:

We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones. That's over six hundred thousand records, which include the customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not).

Domino's acknowledged, via Twitter, that they'd received the ransom request. The company has said it will not concede to the hackers' demands, and pointed out that the breached records do not contain financial information.

Rex Mundi did release six customer records (sans pizza topping preferences) as proof that they had the information. So far that's all they've revealed.

This is not the first time that Rex Mundi has demanded ransoms for stolen data, nor is it the first time that they've had their demands ignored. In April they did release the names of 12,000 customers of Belgian hosting firm Alfa Hosting, after the firm initially declined to pay up. Rex Mundi never disclosed the rest of the sensitive data they claimed to have -- either because Alfa had a change of heart and paid up or perhaps because Rex Mundi never had the info they claimed to have. In June 2012, they did follow through on threats, revealing thousands of records about bank loan applicants, including truncated Social Security numbers, when AmeriCash Advance refused to pay a $15,000 ransom.

Ransom requests have become a growing category of cybercrime, largely because of the popularity of CryptoLocker. No ransomware was used in this attack.

In its original announcement, the group pointed out that both of the hacked websites were "still up and vulnerable." The sites remain up for now. Domino's has advised customers to change their passwords.

About the Author(s)

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights