Payment card details of Pizza Hut customers were stolen in a recent breach, and the delay in reporting it has affected customers sharing their feedback via Twitter.

Pizza Hut informed customers of the breach via email on October 14. The email, shared on social media by some recipients, stated that affected customers placed orders on the company’s mobile app or website between the morning of October 1 and midday on October 2. The email indicated the “temporary security intrusion” lasted for around 28 hours, and details leaked are believed to include names, billing post codes, delivery addresses, email addresses and payment card information. Card information such as account number, expiration date and CVV number was compromised. Pizza Hut stated:

“The security intrusion at issue impacted a small percentage of our customers and we estimate that less than 1% of the visits to our website over the course of the relevant week were affected.”

The company didn’t say exactly how many customers were affected, but some reports say around 60,000 people across the US were affected, citing a call center operator.

The Good, The Bad, and the Feedback

On the positive side, Pizza Hut was very quick to detect the breach. Javvad Malik, security advocate at AlienVault, said:

“Compared to many recent breaches, Pizza Hut detected the breach relatively quickly and so limited the number of customer card details stolen. It goes to illustrate the importance and value of having good threat detection and response controls in place so as to limit exposure.”

On the negative side, Pizza Hut failed to promptly alert customers of the breach. The delay of almost two weeks is causing plenty of negative feedback on Twitter from those affected.

Take Steps to Be Prepared

The rise of social media gives everyone access to a bullhorn. Dissatisfied customers like those affected by the Pizza Hut breach are therefore front and center with their feedback, and Pizza Hut faces damage to its brand and corporate reputation.

Deciding how to respond to a breach only after one has occurred is a case of closing the barn door after the horse has escaped. Beyond ongoing threat detection that listens for suspicious activity, organizations must have a breach response plan in place before an incident. The plan should include elements such as:

  • Reporting requirements upon breach detection: who is alerted internally and what are their responsibilities?
  • Mitigation options, such as changing affected customers’ passwords
  • Format of and responsibility for messages to affected customers and to the public
  • Talking points for call center and customer support staff

For additional details on how to craft a response plan and the items to include in the plan: