Hacking group Rex Mundi has stolen the details of some 650,000 Domino's Pizza customers in France and Belgium, and threatened to publish that data in full unless the company coughs up a cool €30,000 (£24,000).
On Friday, Rex Mundi announced on its Twitter feed: "We hacked the websites of @dominos_pizzafr & Domino's Belgium, and downloaded 600,000+ customer records."
The group then followed up that tweet: "If you're a @dominos_pizzafr customer, u may want to know that we have offered Domino's not to publish your data in exchange for 30,000EUR."
Rex Mundi also noted that they told Domino's about the hack last Tuesday, and it took them four days to notify customers – and that Domino's had only patched one vulnerability on its Belgian site in the wake of the incident, leaving several others still present.
The hackers further urged customers to sue Domino's if it doesn't pay up, and the details end up being published online as a result.
The data includes names, postal and email addresses, phone numbers, passwords – and favourite pizza toppings (so if you're a big fan of anchovies, your secret may not be safe for much longer...). 592,000 records were from French customers, and 58,000 from Belgian.
According to Sky News, an executive at Domino's, Andre ten Wolde, said the blackmail demand would not be met, and a complaint has been filed concerning the incident in a Paris court. Domino's also clarified that financial information such as credit card numbers hadn't been involved.
Rex Mundi's latest update on Twitter popped up two hours ago, and the group is set to release the details tonight apparently. A tweet read: "Reminder to all @dominos_pizzafr customers: if the company doesn't start paying us, we will release your data tonight."