Slashdot Mirror
Pizza Hut Leaks Credit Card Info On 60,000 Customers (kentucky.com)
An anonymous reader quotes McClatchy:
Pizza Hut told customers by email on Saturday that some of their personal information may have been compromised. Some of those customers are angry that it took almost two weeks for the fast food chain to notify them. According to a customer notice emailed from the pizza chain, those who placed an order on its website or mobile app between the morning of Oct. 1 and midday Oct. 2 might have had their information exposed. The "temporary security intrusion" lasted for about 28 hours, the notice said, and it's believed that names, billing ZIP codes, delivery addresses, email addresses and payment card information -- meaning account number, expiration date and CVV number -- were compromised... A call center operator told McClatchy that about 60,000 people across the U.S. were affected.
"[W]e estimate that less than one percent of the visits to our website over the course of the relevant week were affected," read a customer notice sent only to those affected, offering them a free year of credit monitoring. But that hasn't stopped sarcastic tweets like this from the breach's angry victims.
"Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it."
"[W]e estimate that less than one percent of the visits to our website over the course of the relevant week were affected," read a customer notice sent only to those affected, offering them a free year of credit monitoring. But that hasn't stopped sarcastic tweets like this from the breach's angry victims.
"Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it."
on some machine that it capable of being cracked ? Once they have sought payment from the credit card company - why do they keep the CVV number ? If, for some reason, they really need to (eg: easy next order), then keep all that sensitive information on some machine with a very narrow API (eg: charge customer 1234 $20 - tell me if this is approved). Many problem could be, at least partly, mitigated if they did not store everything in one big damn SQL database!
Tell you what then: Post your CC details here, and I'll go eat at Pizza Hut tonight. We can touch base again here week to see how we're both doing.
Cash doesn't come with zero liability like credit cards often do. If one's card is stolen or number compromised, they're just mailed a new card. Easy, no hassles. Sure, one occasionally hears horror stories, but that's why one should be somewhat selective with the credit card issuers they choose to do business with.
As for accumulating debt, one can just pay the bill in full every month like many do. In which case, no debt to worry about. So one gets all the benefits of zero liability, plus rewards, extended warranty, plus convenience. Cash is easy to lose, easy to steal, easy to get wrong change, plus the slight chance of getting counterfeit bills too.
Also, good luck trying to mail order anything with cash. Most places don't accept COD anymore. Sure one could mail a money order or check, but good luck with that. Pre-paid and debit cards are a work-around for mail order, but are no panacea; less ideal than paying with a credit card. For renting a car, the guest with a credit card will be well on their way while the cash customer is still waiting on paying the sizable deposit, which may be based, in part, on one's credit. A catch-22 there for one who doesn't use any credit cards.
Bottom line, despite all the issues, cashless payments is the reality. Even more so for young people today who often avoid using cash even for the smallest purchases. Anyone working in retail observes this every day.