VERIFY: Was Pizza Hut hacked and did they wait two weeks to tell anyone?

Was Pizza Hut hacked and did they wait two weeks to tell anyone?

QUESTION:

Was Pizza Hut hacked and did they wait two weeks to tell anyone? One viewer says the Pizza Hut email notice asked her for her Social Security Number--is it fraudulent? 

ANSWER:

Yes, Pizza Hut was hacked and they waited two weeks to inform customers. No, the Pizza Hut email notice is not fraudulent, but the URL that asked for the Social Security number is from their free credit monitoring service Knoll. 

SOURCES:

Doug Terfehr, Senior Director Public Relations-Pizza Hut 

Pizza Hut Email Statement

PROCESS:

Pizza Hut's eating humble pie--and it's two weeks old. An order that never got delivered. 

The fast food chain's mobile app and website were hacked between Oct. 1- Oct. 2, but Pizza Hut first announced the hack on Saturday, Oct. 14. 

"We quickly resolved a third-party security intrusion on our website and mobile app that may have compromised the information of a limited number of customers for a short period of time," Pizza Hut Spokesperson Doug Terfehr said. "Pizza Hut identified the security intrusion quickly and took immediate action to halt it and remediate the security issue. We estimate that less than one percent of the visits to our website the week of the incident was affected."

Customers' names, emails, addresses, zip codes, credit card numbers, card expiration dates and CVV numbers were all exposed during the 28-hour period when the site was breached.

Frustrated Facebook and Twitter users are going bananas that the company didn't tell them sooner. This comes after the Equifax disaster that left 145.5 million Americans vulnerable to identity theft. In that case, customers were notified over two months after the breach.

Karen Conchar, a Verify viewer from Midland, Virginia received Pizza Hut's email and immediately contacted Verify asking if it was legitimate. She says the email redirected her to a site that requested her Social Security number. 

Spokesman Doug Terfehr says the email is legitimate and that the company is offering free one-year credit monitoring to all it's customers as a courtesy. 

Only if you opt-into the credit monitoring service does it ask for your name, address, Social Security, and other identifying information. Pizza Hut itself is not requesting anyone's Social Security number.

Some precautions you can take if you are the victim of a security breach and possible identity fraud:

Consider putting a temporary freeze on your credit

Monitor your bank statements

Consider opting into a company-offered credit monitoring service. They'll let you know if hackers opened an account in your name. 

Help VERIFY

Help our journalists VERIFY the news. Do you know someone else we should interview for this story? Did we miss anything in our reporting? Is there another story you'd like us to VERIFY? Click here.

© 2017 WUSA-TV


JOIN THE CONVERSATION

To find out more about Facebook commenting please read the
Conversation Guidelines and FAQs

Leave a Comment