Pizza Lovers Suffer Data Breach From Hell 164
netbuzz writes "Some 230,000 New Zealanders have been informed that their personal information has apparently fallen into the hands of hackers who compromised the network of a locally famous food chain, Hell Pizza. The company says it suspects 'a rogue employee,' but one security expert says Hell's ordering portal is 'about 50 steps of fail.' Several New Zealand celebrities are among the victims and at least one is taking the matter in stride, musing: 'My Twitter has been hacked, my Facebook has been hacked and I'm pretty sure half of New Zealand has my phone number already. I have nothing bad to say about Hell.'"
Re:So Hell Pizza requires Facebook/Twitter UID? (Score:4, Insightful)
A different way to read it is that the other hacks were independent, and the anonymous celeb is saying that Hell is no worse than any of the other organizations which were entrusted with personal information.
Re:So Hell Pizza requires Facebook/Twitter UID? (Score:5, Insightful)
Sad (Score:4, Insightful)
Sadly, this isn't the only computer system security SNAFU. It isn't often that you hear about it, but many of the systems I have seen are security WTFs. I continue to be amazed at how little some programmers understand about their trade, and I just don't have words for people who think the security of their computer systems isn't important. Getting a system that is completely secure may be too much to expect, but the least you can do is not make it easy for someone to walk right in and do whatever they want with your data after 5 minutes of observing the publicly accessible part of your system!
Re:Sad (Score:5, Insightful)
Okay but how can you make a non-technical customer pay for security? They will go to the cheapest vendor and pay later when it stuffs up.
Re:It's a concern... (Score:3, Insightful)
Actually that's 99.936%, sir.
Oh god, I think I just overexnerded myself. :(
Re:at least they were upfront about it (Score:3, Insightful)
I appreciated their honesty,
Yeah, they were so honest, they forgot to tell you about the other 229,996 customers...
Re:The Good Old Pizza Times (Score:5, Insightful)
I thought the lesson was: If you fetch the chow, you're entitled to a service fee, payable in consumables purchased. Hmmm Lemming Pizza :P~
Re:SQL Injection (Score:4, Insightful)
Why else would you Hack into a Pizza chain, other than to order free pizza?
INSERT INTO ORDERS
SELECT [cheese] AS [topping 1], [pepperoni] as [topping 2], [free] AS [price], [asap] AS [priority]
Re:What I don't understand... (Score:5, Insightful)
why the hell some outfits feel the need to collect that much information about you just to sell you some food.
Email address: to reset your password if you forget it (you'd want an account so you don't have to type in your address and payment info each time).
Address: should be obvious.
Phone number: to phone in case they don't get an answer at the door.
TFA doesn't mention any extra personal details that were stolen. I don't see what's so crazy about them needing these other details for online ordering.