What happened?
We became aware in early September of a cyber security incident where an unauthorised third party accessed some of the company’s data. At this stage of our investigation, we have confirmed that the data impacted relates to customer record details and online order transactions held on our Pizza Hut Australia customer database. This includes information such as a customer’s name, delivery address and instructions, email address and contact number, as well as unusable masked credit card data and secure one-way encrypted password (for customers with online accounts).
From our investigation and the steps taken in response to the incident, we believe there is only a small proportion of customers on our database whose personal information has been impacted. We have notified these customers as well as the Office of the Australian Information Commissioner (OAIC) of the incident.
Why are we telling you?
Out of an abundance of caution we wanted to alert you to the incident, and take the opportunity to remind you of steps you can take to protect your information and avoid potential scams:
• Remain alert to any suspicious emails and SMS or telephone communications that are disguised to look like they come from someone you know or trust. Pizza Hut only sends you emails from noreply@orders.pizzahut.com.au, deals@deals.pizzahut.com.au or orders@orders.pizzahut.com.au.
• Verify communications by confirming the identity of the sender. This includes checking email names and domains, by hovering your mouse over the sender’s email address.
• Do not open links that look suspicious. If you are unsure about a link sent to you by a company, you should go to the company’s website and look for the product or service that was offered.
• Be alert to phishing scams. This could include scams that target you through post, phone or email. Phishing scams are attempts by scammers to trick people into providing their personal information, including passwords, credit card numbers and/or sensitive personal information. Get further information about how to avoid scams at www.scamwatch.gov.au.
• While this isn’t a necessity as our passwords are secured with one-way encryption, you may wish to consider updating your Pizza Hut Australia password.
• Get further information about online safety, cyber security and helpful tips at www.cyber.gov.au.
• Read our Privacy Policy on our website here: https://www.pizzahut.com.au/privacy to learn more about how we handle the personal information we collect about you and how to reach out about your privacy.
Our investigation is continuing, and we will update you if any additional relevant information becomes available.
Our thanks and apologies
We value all our customers across Australia and all of us at Pizza Hut Australia thank you for your ongoing support. We understand the trust you place in us and I sincerely apologise for any concern that this incident may have caused.
Yours sincerely,
Phil Reed
Chief Executive Officer
Pizza Hut Australia