Hackers are threatening to release the personal information of French and Belgian customers of pizza chain Dominos – unless the company pays them €30,000 (£24,000) by 7pm tonight.
The details will include customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions.
The attack was perpetrated by hacking group Rex Mundi, who publicised the attack over Twitter. In a message on Dpaste.de, which has since been taken down the group said:
"And boy, did we find some juicy stuff in there! We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones.
"That's over six hundred thousand records, which include the customers' full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not).
"We immediately sent various emails to both Domino's Pizza France and Belgium. We also used the contact forms on their websites to let them know of this vulnerability and to offer them not to release this data in exchange for 30,000 Euros.
"So far, Domino's Pizza has not replied to our demands. We would also like to point out that both of their websites are still up and vulnerable.
"Domino's Pizza has until Monday at 8PM CET to pay us. If they do not do so, we will post the entirety of the data in our possession on the Internet."
Domino's France issued a statement that admitted the attack and said that its customer database was also encrypted – however, it added, the hackers were "professionals" who were able to "decode the cryptographic system" in which its customer details had been encrypted.
The company says that it will not pay the ransom demanded and French police are now investigating the breach.
This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy