Pizza Lovers Suffer Data Breach From Hell

samzenpus posted about 4 years ago | from the hell-of-a-breach dept.

Security 164

netbuzz writes "Some 230,000 New Zealanders have been informed that their personal information has apparently fallen into the hands of hackers who compromised the network of a locally famous food chain, Hell Pizza. The company says it suspects 'a rogue employee,' but one security expert says Hell's ordering portal is 'about 50 steps of fail.' Several New Zealand celebrities are among the victims and at least one is taking the matter in stride, musing: 'My Twitter has been hacked, my Facebook has been hacked and I'm pretty sure half of New Zealand has my phone number already. I have nothing bad to say about Hell.'"

164 comments

The Good Old Pizza Times (5, Funny)

PizzaAnalogyGuy (1684610) | about 4 years ago | (#33065340)

This reminds me of the time when I was 13. We had just got out of school and bicycled home. You know why? Because I, let me clarify _I_, had this new awesome game Lemmings. When we got to my house, I would fire up my Amiga and we would just laugh at the stupid lemmings jumping to their death if I didn't do something to stop them. Making them dig, guide others, or give them umbrellas - it was great.

The problem was that later on we obviously got hungry. This happened many times. Someone had to go get some food. Pizza was the obvious choice. But who would it be? I didn't want to. So we played a game of rock paper scissors. Damn, I lost. I tried to have another round, but they didn't let me. There was nothing I could do.

I had to get up my ass and go get pizza. I asked my friends what they wanted. Adam said he wanted a delicious Pepperoni pizza. Jim said he wanted a Hawaiian pan pizza. I tried to remember their choices and took my bike. On the way over to the restaurant I tried to think what I want. Supreme pizza, double-cheese or maybe double bacon cheeseburger pizza?

I arrived at the pizza place. The taste was beautiful. I felt like I was home. I walked in and ordered three large pizzas, mine being the double bacon cheeseburger pizza. I felt so hungry. I just wanted to grab the pizza and eat. When the pizzas came, I had to eat there. I also took a few pieces of my friends' pizzas because I wanted to taste them. Man I was happy.

Back then we didn't have credit cards, so I paid with the small amount of money that was in my pocket. No problems for the vendor, no problems for me, and everything worked greatly. The lesson being - pay with cash.

Re:The Good Old Pizza Times (5, Funny)

Anonymous Coward | about 4 years ago | (#33065366)

I thought the lesson was..

"Don't let your asshole friend go to get the pizza, cause all he'll bring you home is a couple of cold slices"

What I don't understand... (4, Interesting)

BrokenHalo (565198) | about 4 years ago | (#33066010)

...is why the hell some outfits feel the need to collect that much information about you just to sell you some food. After all, it doesn't make them a single extra sale. If you're not hungry, you're not going to buy a pizza.

Any shop that tries to get that kind of information out of me gets a flat refusal. Likewise, any venue that tries to take my fingerprints or iris scan.

Re:What I don't understand... (1)

socceroos (1374367) | about 4 years ago | (#33066064)

Likewise, any venue that tries to take my fingerprints or iris scan.

Ah, my friend, these days they just digitally map your face using the 10s to 100s of cameras that film you every day. We know who you are, citizen.

Re:What I don't understand... (4, Insightful)

somersault (912633) | about 4 years ago | (#33066220)

why the hell some outfits feel the need to collect that much information about you just to sell you some food.

Email address: to reset your password if you forget it (you'd want an account so you don't have to type in your address and payment info each time).
Address: should be obvious.
Phone number: to phone in case they don't get an answer at the door.

TFA doesn't mention any extra personal details that were stolen. I don't see what's so crazy about them needing these other details for online ordering.

Re:What I don't understand... (1, Informative)

Anonymous Coward | about 4 years ago | (#33066562)

Email address: to reset your password if you forget it (you'd want an account so you don't have to type in your address and payment info each time).

Surely, if that's all they are storing the email address for, they should store a hash of the address instead. Passwords can be recovered by entering the username and email, the email is checked against the hash and then used to send out the password change details.

Less plaintext data in the database means less data escapes during a breach. Yes it would still be possible for addresses to be tested against the exposed hash column in the hope of a few matches, but at least it's not a phisher's to-do list.
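A sketch of the reset flow this comment proposes, as an added example that is not part of the original post or of any site's real code. It goes one step beyond the comment by storing a keyed hash (HMAC with a server-side secret held outside the database), so the leaked column cannot be tested against candidate addresses without the key; the function names, the in-memory table and the 15-minute lifetime are assumptions.

```python
import hashlib
import hmac
import secrets

RESET_TTL_SECONDS = 15 * 60  # assumption: reset tokens live for 15 minutes


def normalise(email):
    """Canonical form so ' Alice@Example.test' and 'alice@example.test' tag alike.
    Lower-casing the local part is a policy choice made for this sketch."""
    return email.strip().lower()


def plain_tag(email):
    """Unkeyed hash, as in the comment: anyone holding the column can test guesses."""
    return hashlib.sha256(normalise(email).encode("utf-8")).hexdigest()


def email_tag(email, key):
    """Keyed hash: guesses cannot be tested without the server-side key."""
    return hmac.new(key, normalise(email).encode("utf-8"), hashlib.sha256).hexdigest()


class Accounts:
    """In-memory stand-in for the users table (hypothetical schema)."""

    def __init__(self, key):
        self._key = key   # kept outside the database in a real deployment
        self.rows = {}    # username -> stored columns

    def register(self, username, email):
        self.rows[username] = {
            "email_tag": email_tag(email, self._key),  # the address itself is not stored
            "reset_hash": None,
            "reset_expiry": 0,
        }

    def request_reset(self, username, email, now):
        """Return (address, token) to mail out, or None. The caller should show
        the same 'check your inbox' page in both cases."""
        row = self.rows.get(username)
        supplied = email_tag(email, self._key)
        # Unknown users are compared against a dummy tag so both paths do the same work.
        stored = row["email_tag"] if row else email_tag("", self._key)
        if row is None or not hmac.compare_digest(supplied, stored):
            return None
        token = secrets.token_urlsafe(32)
        # Only a hash of the token is stored, so a database dump holds no usable token.
        row["reset_hash"] = hashlib.sha256(token.encode("utf-8")).hexdigest()
        row["reset_expiry"] = now + RESET_TTL_SECONDS
        return normalise(email), token

    def redeem(self, username, token, now):
        """True once for a valid, unexpired token; the token is then burned."""
        row = self.rows.get(username)
        if row is None or row["reset_hash"] is None or now > row["reset_expiry"]:
            return False
        offered = hashlib.sha256(token.encode("utf-8")).hexdigest()
        if not hmac.compare_digest(offered, row["reset_hash"]):
            return False
        row["reset_hash"] = None
        return True


if __name__ == "__main__":
    accounts = Accounts(key=secrets.token_bytes(32))
    accounts.register("alice", "alice@example.test")  # constructed sample account
    print(accounts.request_reset("alice", "someone-else@example.test", now=0))
    address, token = accounts.request_reset("alice", "alice@example.test", now=0)
    print(address, accounts.redeem("alice", token, now=60))
```

The trade-off is that the site can no longer e-mail a customer unprompted, so anything like an order receipt needs the address supplied again at checkout.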

Re:The Good Old Pizza Times (2, Funny)

Fluffeh (1273756) | about 4 years ago | (#33065444)

I had to get up my ass and go get pizza. I asked my friends what they wanted. Adam said he wanted a delicious Pepperoni pizza. Jim said he wanted a Hawaiian pan pizza. I tried to remember their choices and took my bike. On the way over to the restaurant I tried to think what I want. Supreme pizza, double-cheese or maybe double bacon cheeseburger pizza?

So, PizzaAnalogyGuy, there seems to have been a little bit of a mix-up. This story wasn't supposed to get published till Christmas and your dream story ended up on /.

Between me and you, don't be expecting anything big under the tree in a few months. You can however, cherish this story, and the fact that you got first post on it.

*sips coffee*

Re:The Good Old Pizza Times (4, Funny)

_Sprocket_ (42527) | about 4 years ago | (#33065478)

Back then we didn't have credit cards, so I paid with the small amount of money that was in my pocket.

Did you have to move aside the onion you wore on your belt as that was the fashion at the time?

Re:The Good Old Pizza Times (1)

pookemon (909195) | about 4 years ago | (#33065654)

They didn't have Amigas back in Nineteen-Splickety-Two! The Kaiser stole them!

Yes SIR!!!! (2, Funny)

uvajed_ekil (914487) | about 4 years ago | (#33065536)

I will get my ass off your lawn immediately, SIR!!!!

Re:The Good Old Pizza Times (1, Informative)

SpzToid (869795) | about 4 years ago | (#33065668)

replying due to unintentional mod.

Re:The Good Old Pizza Times (0, Offtopic)

synnthetic (103582) | about 4 years ago | (#33065802)

Any cute girls have my phone number?? Please do call me

Re:The Good Old Pizza Times (4, Insightful)

pinkushun (1467193) | about 4 years ago | (#33066006)

I thought the lesson was: If you fetch the chow, you're entitled to a service fee, payable in consumables purchased. Hmmm Lemming Pizza :P~

Security audits? (2, Funny)

strayant (789108) | about 4 years ago | (#33065350)

Shouldn't they be audited routinely if they conduct business online?

Re:Security audits? (1)

uvajed_ekil (914487) | about 4 years ago | (#33065420)

Uh... oh yeah, you mean "security audits." Yeah, uh, sure, we do that.

It's a concern... (4, Funny)

astroengine (1577233) | about 4 years ago | (#33065364)

I'd hate it if half of New Zealand knew how much pizza I eat.

Re:It's a concern... (0)

Anonymous Coward | about 4 years ago | (#33065502)

Given that NZ is on the other side of the world I couldn't care less what half of NZ know about my pizza habits.

Re:It's a concern... (1)

uvajed_ekil (914487) | about 4 years ago | (#33065562)

So, thank god you're like the other 99.6% of the world, and you DON'T live in New Zealand.

Re:It's a concern... (2, Informative)

MichaelSmith (789609) | about 4 years ago | (#33065604)

It's actually a really nice place. Without a doubt the best place I have been outside Australia. Their government is small scale, but it seems to work better that way.

Re:It's a concern... (5, Funny)

tehcyder (746570) | about 4 years ago | (#33066022)

It's actually a really nice place. Without a doubt the best place I have been outside Australia.

So you've just been there and Australia then?

Re:It's a concern... (0, Redundant)

MichaelSmith (789609) | about 4 years ago | (#33066126)

It's actually a really nice place. Without a doubt the best place I have been outside Australia.

So you've just been there and Australia then?

I live in Australia but I have been to NZ on holiday.

Re:It's a concern... (1)

mb1 (966747) | about 4 years ago | (#33066744)

We'll still take that, thanks.

Re:It's a concern... (1)

Cimexus (1355033) | about 4 years ago | (#33066168)

Yeah agreed. Lovely country and I'd agree - best I've been to outside Australia in terms of where I'd want to live. And I've been to: the UK, the US, Canada, France, Singapore, Fiji (and Australia and NZ obviously).

Re:It's a concern... (2, Insightful)

MachDelta (704883) | about 4 years ago | (#33065750)

Actually that's 99.936%, sir.

Oh god, I think I just overexnerded myself. :(

Re:It's a concern... (3, Funny)

Dunbal (464142) | about 4 years ago | (#33065860)

To be fair, he was including the sheep.

Re:It's a concern... (0, Flamebait)

mb1 (966747) | about 4 years ago | (#33066756)

Woah. Hilarious. Got anything else?

So Hell Pizza requires Facebook/Twitter UID? (1, Redundant)

The Pirou (1551493) | about 4 years ago | (#33065374)

Or is the anonymous celeb indicating that he uses the same u/p for every single website he visits? Were that the case, it'd be interesting to see what other websites he/she has signed up for that haven't been compromised. I've heard you can't teach an old dog new tricks...

Re:So Hell Pizza requires Facebook/Twitter UID? (3, Insightful)

cduffy (652) | about 4 years ago | (#33065434)

A different way to read it is that the other hacks were independent, and the anonymous celeb is saying that Hell is no worse than any of the other organizations which were entrusted with personal information.

Re:So Hell Pizza requires Facebook/Twitter UID? (1)

hvm2hvm (1208954) | about 4 years ago | (#33066116)

Or that the "anonymous celeb" just doesn't understand what it means to have a secure password and security question and not entering them in phishing sites...

Re:So Hell Pizza requires Facebook/Twitter UID? (1)

_Sprocket_ (42527) | about 4 years ago | (#33065446)

I think he's indicating that he doesn't care about his personal information because he's already given most of it away on Facebook and Twitter. That, and he's a celebrity - personal life is the coin of that realm.

Re:So Hell Pizza requires Facebook/Twitter UID? (4, Insightful)

uvajed_ekil (914487) | about 4 years ago | (#33065482)

No, he's saying that all of the otherwise-reputable companies he trusts have been letting him down lately because of their poor internet security. Facebook? Sucks. Hell Pizza? A big chain, I presume, and sucky security, obviously. Twitter? I don't know, but I don't trust them with anything important. Lots of banks, a ton of universities, and many other entities of various sizes expose you to risks such as identity theft. Strong, unique passwords are a no-brainer, but you can't protect yourself if the sites you trust expose your info to every script kiddie and 1337 hax0r who comes along. But I suppose knowing who the "celebrity" (quotes because we are talking about New Zealand) is, and thus how likely to be targeted he or she is.

Re:So Hell Pizza requires Facebook/Twitter UID? (4, Funny)

MichaelSmith (789609) | about 4 years ago | (#33065564)

the "celebrity" (quotes because we are talking about New Zealand)

It's obviously Russell Crowe

Re:So Hell Pizza requires Facebook/Twitter UID? (1)

socceroos (1374367) | about 4 years ago | (#33066088)

Shut up. We claimed Russell.

Re:So Hell Pizza requires Facebook/Twitter UID? (0)

Anonymous Coward | about 4 years ago | (#33066330)

And we're still grateful. Thank you, thank you, thank you ...

Re:So Hell Pizza requires Facebook/Twitter UID? (0)

Anonymous Coward | about 4 years ago | (#33065990)

Did anyone actually read the source?? The celebrity is Dai Henwood, who actually is well known in NZ because he actually has a talent worth noting; he's funny. Try living in England where 7.5 seconds of late night screen time means you get to be a "celebrity", honestly, you'd think the British hate their own lives so badly they simply create these people out of thin air just to have someone else to talk about!

Re:So Hell Pizza requires Facebook/Twitter UID? (1)

BrokenHalo (565198) | about 4 years ago | (#33066026)

you'd think the British hate their own lives so badly they simply create these people out of thin air just to have someone else to talk about!

Isn't that how Susan Boyle was spawned?

Re:So Hell Pizza requires Facebook/Twitter UID? (0)

Anonymous Coward | about 4 years ago | (#33066012)

It's right there in the article, the "celeb" in question is comedian Dai Henwood. And from his quote it seems fairly clear that he's saying his Facebook/Twitter has previously been hacked via other means, thus he has nothing bad to say about the pizza company.

Re:So Hell Pizza requires Facebook/Twitter UID? (1)

guyminuslife (1349809) | about 4 years ago | (#33066040)

Maybe he was just using the same keylogger.

SQL Injection (4, Informative)

Anonymous Coward | about 4 years ago | (#33065380)

This isn't news.

Their server would execute any SQL query sent to it. The SQL queries were hard coded into the Flash objects they used.

Re:SQL Injection (5, Funny)

$RANDOMLUSER (804576) | about 4 years ago | (#33065406)

"I'd like to order a large, thin crust, double cheese, pepperoni and drop table..."

Re:SQL Injection (4, Interesting)

MichaelSmith (789609) | about 4 years ago | (#33065428)

"I'd like to order a large, thin crust, double cheese, pepperoni and drop table..."

No, clear the table before you place your order so your pizza gets the priority it deserves.

Re:SQL Injection (1)

rumith (983060) | about 4 years ago | (#33065524)

Hell, it's about time!

Re:SQL Injection (2, Funny)

Splod (40032) | about 4 years ago | (#33065528)

Can't believe nobody's made the "it was all fine until Bobby Tables ordered" joke yet: http://xkcd.com/327/ [xkcd.com]

Re:SQL Injection (0)

Anonymous Coward | about 4 years ago | (#33065634)

Just like spoiler alerts for any M. Night Shyamalan film, the statute of limitations is up on having to include the link to your XKCD ref.

Re:SQL Injection (3, Insightful)

pinkushun (1467193) | about 4 years ago | (#33066030)

Why else would you Hack into a Pizza chain, other than to order free pizza?

INSERT INTO ORDERS
SELECT [cheese] AS [topping 1], [pepperoni] as [topping 2], [free] AS [price], [asap] AS [priority]

Re:SQL Injection (3, Informative)

SplashMyBandit (1543257) | about 4 years ago | (#33066346)

Mate, you should try a Hell pizza. They are completely awesome. The website used to have pictures of the pizzas and they are not like Italian/American pizzas at all as they have a large number of ingredients on top (not just cheese, pizza sauce and pepperoni). My favourite is the "Mordor" and if you ever get to NZ you ought to try it. The other excellent pizza is the 'Unearthly' dessert pizza - sooo good.

The FA quote... (0)

Anonymous Coward | about 4 years ago | (#33065392)

My Twitter has been hacked, my Facebook has been hacked...

And hopefully he learned not to use the same password everywhere.

Hmmm.... (1)

Dexter Herbivore (1322345) | about 4 years ago | (#33065436)

Hope it was a helluva good pizza.

Pizza Woes: A Tale (1, Funny)

Robotron23 (832528) | about 4 years ago | (#33065440)

It wasn't until I'd consumed it that I realized what was happening. Tom heartily recommended the new bread-disc, imploring I buy it with gusto:

"Pete this triple layer, cheese, anchovy, jalapeno, ape and pepperoni monster will be the takeaway of your life. They put cayenne in the tomato puree and man...just buy it. Gotta be tasted to be believed."

It's hardly common for that man to grant such an endorsement, and the next day I phoned up and got a jumbo 14", the guy over the phone even said; 'We think you're gonna love it' - nobody ever said that to me in my illustrious history of calling up for food to my door! My heart did a little jump of the sort you get when for just a moment you swear you found a premium Ron Jeremy classic clip, or Heaven 17's 'Temptation' starting to play at a club as you instinctively haul your drunken, middle-aged self onto the dance floor for some old school self-embarrassment for you and those around you - quality heartjumping you know?

I wasn't letting this occasion pass me by without making it memorable. I pulled out my deceased grandmother's candelabra and stuck it onto the table together with purple wax scented candles I'd gotten from some hippy place in Camden years back. As I lit them and the lavender hit my nostrils it only accentuated the splendid truth that the pizza would soon arrive...

I texted Tom and a few other friends on my HTC Android, saying that some detailed pics of my consuming the bread mass and topping would follow. A simple smiley emoticon from Tom was the reply, but Tim from sports desk said...

"Pete I don't even wans to think abut your wrinkled visage and yellow-teeth digging into some pizza some guy told you was legendary. Get a grip or just put the pic on Facebook like any other conceited moron would. Or Digg...you'd probably get dugg 300 times minimum."

Bastard. Trying to rain on the parade - but there was the doorbell! I answered it, and a smiling young chap at the door said 'Hi that'll be £11.99 and here's a free bottle of Coke'.

I eagerly took the box and cola, handed over the exact change which was already prepared at the porch. The thought of the spicy clash of cayenne, jalapeno, salted ape and more was becoming less pleasant anticipation and more torture. I took my time putting the box by the table...relishing the prospect of chomping it down with abandon.

Then I opened the box......there was a 14 inch pizza but it was mere cheese and tomato! Cheese and tomato! That was it - bog-standard bullshit that I only bought in my student years due to financial stress!! An insult! Insult!

Like Tommy Wiseau in The Room I cried out a terrible and gargly cry and began a slow-paced trashing of my living room. The TV, a lovely Toshiba, went out of the window - my signed picture of Steven Jobs was smashed (later received a new frame), and I smeared the pizza over my sofa to devastating effect. The anger subsided...and although I managed to put together an omelette that night, these pizza woes will never leave me...I left a one-star review for the London Hell Pizza branch, and threatened legal action should my Android number ever find its way into some pranker's greasy mitts.

Risky.Biz Explanation (4, Informative)

SJ2000 (1128057) | about 4 years ago | (#33065460)

Risky.Biz

Immediately I spotted the SQL Queries being made by the Flash SWF as part of the query string to the server-side. The Flash client makes queries which are hard-coded in the .swf (this is dumb as it means SQL Injection is effectively a 'feature' of the store). You could easily alter the query string to show the hashes stored in the MySQL users table. I figured out the version of MySQL was 4.0 (Debian Sarge) - and the hashes in this version are very weak, cracking them would take less than a couple of hours. MySQL was listening on a remote port, so one could simply log in remotely and run queries or dump the database slowly so as to not be noticed.
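The design flaw described in the quoted write-up, a server that runs whatever SQL the client puts in the query string, shown next to the usual fix: the client names an operation and passes values, while the server owns the SQL text and binds the values as parameters. This is an added example, not code from Hell Pizza or Risky.Biz; the table layout, the `q`, `op` and `id` parameter names and both handler functions are assumptions made for illustration, and SQLite stands in for the MySQL server.

```python
import sqlite3
from urllib.parse import parse_qs


def make_db():
    """Constructed sample data: a public menu and a table no client should read."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE menu (id INTEGER PRIMARY KEY, name TEXT, price_cents INTEGER);
        CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, phone TEXT);
        INSERT INTO menu VALUES (1, 'Margherita', 1200), (2, 'Pepperoni', 1400);
        INSERT INTO customers VALUES (1, 'alice@example.test', '555-0100');
    """)
    return db


def legacy_handler(db, query_string):
    """Anti-pattern from the write-up: the SQL text itself arrives from the client,
    so the client decides which table is read."""
    sql = parse_qs(query_string)["q"][0]
    return db.execute(sql).fetchall()


# Hardened design: every statement the front end needs lives on the server.
# Each entry is (SQL with placeholders, names of the integer parameters it takes).
OPERATIONS = {
    "menu_list": ("SELECT id, name, price_cents FROM menu ORDER BY id", ()),
    "menu_item": ("SELECT id, name, price_cents FROM menu WHERE id = ?", ("id",)),
}


class BadRequest(ValueError):
    """Raised for anything that is not a known operation with well-formed values."""


def hardened_handler(db, query_string):
    params = parse_qs(query_string)
    op = params.get("op", [""])[0]
    if op not in OPERATIONS:
        raise BadRequest("unknown operation")
    sql, arg_names = OPERATIONS[op]
    args = []
    for name in arg_names:
        raw = params.get(name, [""])[0]
        # Validate the type first, then bind: the value never becomes part of the SQL text.
        if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
            raise BadRequest(f"parameter {name!r} must be a small non-negative integer")
        args.append(int(raw))
    return db.execute(sql, args).fetchall()


def try_request(handler, db, query_string):
    """Run one request and report ('ok', rows) or ('rejected', reason)."""
    try:
        return ("ok", handler(db, query_string))
    except (BadRequest, KeyError, sqlite3.Error) as exc:
        return ("rejected", str(exc))


if __name__ == "__main__":
    db = make_db()
    requests = [
        (legacy_handler, "q=SELECT+name+FROM+menu"),
        (legacy_handler, "q=SELECT+email+FROM+customers"),    # legacy: client picks the table
        (hardened_handler, "q=SELECT+email+FROM+customers"),  # no such operation
        (hardened_handler, "op=menu_item&id=2"),
        (hardened_handler, "op=menu_item&id=2+OR+1%3D1"),     # not an integer
    ]
    for handler, qs in requests:
        print(handler.__name__, qs, "->", try_request(handler, db, qs))
```

The allowlist only closes the query-string hole; the write-up's other findings (the database port reachable remotely, weak stored hashes) call for network filtering, a least-privilege database account and stronger password hashing.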

Appropriately named web design company (5, Funny)

asifyoucare (302582) | about 4 years ago | (#33065672)

Check the name of the company that designed the web site. I'm assuming they haven't yet changed design companies, but if I'm wrong apologise to ... .... "Inject Design"

Re:Appropriately named web design company (0)

Anonymous Coward | about 4 years ago | (#33066568)

And for a list of soon to be hacked sites, please see their client page. [injectdesign.co.nz]

Re:Risky.Biz Explanation (2, Interesting)

buchner.johannes (1139593) | about 4 years ago | (#33065690)

Risky.Biz

... The Flash client makes queries which are hard-coded in the .swf (this is dumb as it means SQL Injection is effectively a 'feature' of the store).

Their webdesign company is called "Inject Design Ltd.". Go figure ...

You could easily alter the query string to show the hashes stored in the MySQL users table. I figured out the version of MySQL was 4.0 (Debian Sarge) - and the hashes in this version are very weak, cracking them would take less than a couple of hours.

I'm unsure what hashes he is talking about here. Password hashes? What was the weak hash algorithm?

Re:Risky.Biz Explanation (1)

Splab (574204) | about 4 years ago | (#33066180)

He is talking about the password hashes, if you have MySQL, look in the MySQL catalog for the users table, it should have a field with password, where all passwords are hashed.

Haven't checked, but they were most likely using MD5 back then for hashing, so it's a matter of querying a rainbow table to get the passwords.

Celebrities in New Zealand? (-1, Troll)

Nutria (679911) | about 4 years ago | (#33065490)

I thought all they did in NZ was "raise" sheep and feel smug about being a Nuclear Free Zone (as if it were worth more than warm spittle).

Re:Celebrities in New Zealand? (0)

Anonymous Coward | about 4 years ago | (#33065506)

We invented nuclear physics you insensitive clod! http://en.wikipedia.org/wiki/Ernest_Rutherford

Re:Celebrities in New Zealand? (1)

$RANDOMLUSER (804576) | about 4 years ago | (#33065558)

I wouldn't be in such a hurry to claim the Rutherford atom. I can't think of too many ideas (that won't go away from the popular imagination) that are the source of more wrong thinking. It's one of those ideas that actually impedes understanding.

Re:Celebrities in New Zealand? (0)

Anonymous Coward | about 4 years ago | (#33065732)

At least it deposed the plum-pudding model

Re:Celebrities in New Zealand? (1)

gregrah (1605707) | about 4 years ago | (#33065522)

They play a pretty mean game of rugby... or so I've heard.

Re:Celebrities in New Zealand? (0, Flamebait)

Nutria (679911) | about 4 years ago | (#33065588)

They play a pretty mean game of rugby...

Groups of large, sweaty, scantily-clad men gathering together for "energetic" group hugs?

Re:Celebrities in New Zealand? (1, Funny)

Anonymous Coward | about 4 years ago | (#33065792)

support your local hooker. (look up rugby positions)

Re:Celebrities in New Zealand? (1)

Hognoxious (631665) | about 4 years ago | (#33066524)

They play a pretty mean game of rugby... or so I've heard.

Say what? Is it the 1990s again?

50 steps of fail (0)

Anonymous Coward | about 4 years ago | (#33065492)

Who are they employing as security experts to use such an uncouth catchphrase in a serious discussion of security? Or has the spread of unfunny nerd culture spread so far into the ranks of the professional geek?

Re:50 steps of fail (0)

Anonymous Coward | about 4 years ago | (#33066666)

Who are they employing as security experts to use such an uncouth catchphrase in a serious discussion of security? Or has the spread of unfunny nerd culture spread so far into the ranks of the professional geek?

dunno and yarp

Hell Pizza = Pizza in CA (-1, Offtopic)

zonker (1158) | about 4 years ago | (#33065504)

Hell Pizza sounds like pizza you get in California. As a New Yorker who moved to CA I find it damn near impossible to get decent pizza. Some say it is because of the minerals in NY water that you get a good pie. I don't know. But pizza in California is Hell.

Re:Hell Pizza = Pizza in CA (5, Funny)

eln (21727) | about 4 years ago | (#33065552)

I don't know if New York-style pizza can properly be called "pizza" by the definition most other places use. I like to think of it more as a highly efficient grease delivery system.

Re:Hell Pizza = Pizza in CA (-1, Troll)

Anonymous Coward | about 4 years ago | (#33065580)

New York pizza defines American pizza. Otherwise if you go to Italy it is "margherita style" pizza or has lots of seafood on it. All American pizza is derived from New York style. Enjoy your Pizza Hut nastiness.

Re:Hell Pizza = Pizza in CA (1)

YttriumOxide (837412) | about 4 years ago | (#33065616)

Hell Pizza may suck on the security front (as evidenced by this story), but I have to say they make the best pizza I've ever had, anywhere... and that's a fairly ringing endorsement since I've eaten pizza on pretty much every continent on earth (including classic Italian pizza in Italy, New York pizza in New York, and so on).

It's also worth pointing out that while their security may suck, their web design is pretty awesome... Just playing with the cute little devils on their website [hellpizza.co.nz] is a great time filler while you wait for your delivery.

The problem was ... (1)

dbIII (701233) | about 4 years ago | (#33065808)

they only paid for low grade security and three sixes of uptime.
Good pizza though at the branches near me on the west island.

Re:Hell Pizza = Pizza in CA (1)

Matt_R (23461) | about 4 years ago | (#33065980)

Hell Pizza may suck on the security front (as evidenced by this story), but I have to say they make the best pizza I've ever had, anywhere... and that's a fairly ringing endorsement since I've eaten pizza on pretty much every continent on earth

I'm guessing they have frozen pizza in Antarctica ;)

Hells are ok, I see they say they have Australian stores - but I can't find where any of them are...

Oh well, lucky we have Crust [crust.com.au].

Re:Hell Pizza = Pizza in CA (1)

SplashMyBandit (1543257) | about 4 years ago | (#33066354)

Yeah. The Mordor and Unearthly (dessert pizza!) are simply superb. Many a late night spent gaming powered by that combo - just what you need for the freshly-minted Starcraft II.

Re:Hell Pizza = Pizza in CA (0)

Anonymous Coward | about 4 years ago | (#33065622)

You either new or slow. You in CA. Let me give you some advice - switch over to tacos and burritos. You ain't gonna get decent pizza out here. Tacos and burritos here, though, are awesome. Tell him to hold the beans.

BTW, I love NY pizza - the sloppy, saucy, greasy slices. But midwest does the greasy grub best. Either way, you ain't getting it in loony Cali.

Re:Hell Pizza = Pizza in CA (1)

kc8apf (89233) | about 4 years ago | (#33065648)

IMHO, Cicero's Pizza in San Jose has probably the best NY-style pizza outside of NY.

Re:Hell Pizza = Pizza in CA (0)

Anonymous Coward | about 4 years ago | (#33066140)

Troll, I know, but what is with this calling of pizza "pie"?
http://www.google.co.nz/images?hl=en&source=imghp&biw=1280&bih=782&q=pie&gbv=2&aq=f&aqi=&aql=&oq=&gs_rfai=

"my twitter has been hacked" (1, Funny)

Kickasso (210195) | about 4 years ago | (#33065508)

Maybe using that credit card number as a Twitter password wasn't such a good idea after all.

Old news, except for Hell (5, Informative)

tbird81 (946205) | about 4 years ago | (#33065544)

The original breach was at least one year ago, but Hell chose to ignore it. Whoever made their website allowed SQL code to be run from the url.

Here's a blog [geekzone.co.nz] by the owner of the geekzone forum [geekzone.co.nz] that initially discovered the problem (because someone received spam from a disposable email address they used with the company).

Hell Pizza is Awesome! (3, Interesting)

mad.frog (525085) | about 4 years ago | (#33065548)

It's actually brilliant pizza -- easily the best pie I've ever had outside of the USA (or Italy). Inventive topping combinations and skillfully made. I wish they'd open a franchise here in California.

Re:Hell Pizza is Awesome! (1)

MichaelSmith (789609) | about 4 years ago | (#33065632)

I wish they'd open a franchise here in California.

Go ahead and make an order [hellpizza.co.nz]. Your pizza may require reheating on arrival though.

Re:Hell Pizza is Awesome! (1)

Hairy1 (180056) | about 4 years ago | (#33065724)

I agree. The other Pizza chains have raced to the bottom in terms of price, and as a result the quality is... well let's just say that many biologists would have trouble identifying it as biological matter, much less food. Hell Pizza has not played that game, much to their credit. They are not a huge chain, and that's the way we like it.

Re:Hell Pizza is Awesome! (1)

mad.frog (525085) | about 4 years ago | (#33065832)

I don't care whether it's a huge chain. I care much more about whether the food is good. Hell Pizza: good food, at a worth-paying-a-bit-more-for price.

Re:Hell Pizza is Awesome! (1)

c0lo (1497653) | about 4 years ago | (#33066152)

I wish they'd open a franchise here in California.

For the pizza, for the possibility to get the phone number of the celebs in Hollywood or for both?

at least they were upfront about it (5, Informative)

Anonymous Coward | about 4 years ago | (#33065614)

I received an email from Hell just under a week ago:

"Dear Valued Hell Customer,

We have been approached by a party claiming to be in possession of
customer details from the previous Hell website which is no longer in
operation. The samples that we received included details of four customers
from 2006, including phone numbers and email addresses and order
information. We can confirm that credit card data was not at risk as this
is held independently on a secure banking website.

Whilst we are still investigating the matter, we can confirm that the
information was obtained without our knowledge and we have approached the
New Zealand Police with a view to lodging a formal complaint."

They were upfront and open to their clients about the data breach, in a world where most corporates prefer the 'duck and hide' tactic. I appreciated their honesty, and will continue to shop there.

Re:at least they were upfront about it (2, Insightful)

Dunbal (464142) | about 4 years ago | (#33065804)

I appreciated their honesty,

Yeah, they were so honest, they forgot to tell you about the other 229,996 customers...

Re:at least they were upfront about it (0)

Anonymous Coward | about 4 years ago | (#33066188)

I think that's reasonable. The company couldn't know for sure that the cracker really had 300K customer details (although it most probably was true). So they omitted this 300K figure to avoid undue alarm. Of course it's also a PR spin, but I think it's still reasonable at this point of time.

Re:at least they were upfront about it (1)

Splab (574204) | about 4 years ago | (#33066204)

Also, when you are already dealing with Hell, I think it's hard to get in good standing with the competition...

Sad (3, Insightful)

RAMMS+EIN (578166) | about 4 years ago | (#33065624)

Sadly, this isn't the only computer system security SNAFU. It isn't often that you hear about it, but many of the systems I have seen are security WTFs. I continue to be amazed at how little some programmers understand about their trade, and I just don't have words for people who think the security of their computer systems isn't important. Getting a system that is completely secure may be too much to expect, but the least you can do is not make it easy for someone to walk right in and do whatever they want with your data after 5 minutes of observing the publicly accessible part of your system!

Re:Sad (4, Insightful)

MichaelSmith (789609) | about 4 years ago | (#33065638)

Okay but how can you make a non-technical customer pay for security? They will go to the cheapest vendor and pay later when it stuffs up.

Re:Sad (1)

joost (87285) | about 4 years ago | (#33066074)

Explain it to them. Show your track record. Show other places that have been hacked. Show you are taking steps to mitigate that. That is all you can do. Sure, some clients will walk away then. But they will remember you as the security-conscious guy. When they are cracked, they will remember you. When a friend of theirs tells them they were cracked, they will come to you also. In the meantime you sleep better knowing you haven't polluted the internet with flawed software. Sometimes that's all you can do.

Re:Sad (1)

BrokenHalo (565198) | about 4 years ago | (#33066044)

and I just don't have words for people who think the security of their computer systems isn't important.

I do. Lots of them.

Oh noes they know I like seafood pizza (2, Funny)

MisterSchmoo (1262374) | about 4 years ago | (#33065692)

I'm not saying that I like all my information shared, but if they know my favourite pizza the worst case scenario is they send me one, I will wipe away the tears as I eat it.

Re:Oh noes they know I like seafood pizza (1)

BrokenHalo (565198) | about 4 years ago | (#33066052)

but if they know my favourite pizza the worst case scenario is they send me one

How about if they use your credit card to send your favourite pizza to every man, woman and child in the country?

Re:Oh noes they know I like seafood pizza (1)

internettoughguy (1478741) | about 4 years ago | (#33066382)

Well, it sounds like free pizza, after you file the charge-back anyway.

1 purgatory, no onions, with olives (-1, Flamebait)

Anonymous Coward | about 4 years ago | (#33065738)

what do you expect from a pizza company that serves pizza with olives that STILL HAVE STONES IN THEM.... not a joke - almost broke my teeth the first time.

Re:1 purgatory, no onions, with olives (0)

Anonymous Coward | about 4 years ago | (#33065850)

Uh, that's how everyone does it in Europe (as far as I know, I haven't eaten pizza in _all_ European countries).
Some non-Europeans seem to be rather... irritated by that though.

I laugh at you weaklings (1)

timmarhy (659436) | about 4 years ago | (#33065852)

a real man (like me) builds his own pizza oven from brick and fires it with wood. what's your backup plan when the world ends and you can't order pizza online?

while you are part of the huddled masses, i'll be gorging on pizza.

Re:I laugh at you weaklings (1)

maxwell demon (590494) | about 4 years ago | (#33066038)

what's your backup plan when the world ends and you can't order pizza online?

When the world ends, there will not be any more ingredients for pizza, nor any bricks to build an oven or wood to fire it. Which doesn't matter, because there will also not be any belly to be filled either.

email that was sent.. (0)

Anonymous Coward | about 4 years ago | (#33065888)

The email that I received from them:

"Dear Valued Hell Customer,

We have been approached by a party claiming to be in possession of customer details from the previous Hell website which is no longer in operation. The samples that we received included details of four customers from 2006, including phone numbers and email addresses and order information. We can confirm that credit card data was not at risk as this is held independently on a secure banking website.

Whilst we are still investigating the matter, we can confirm that the information was obtained without our knowledge and we have approached the New Zealand Police with a view to lodging a formal complaint. Hell recognises the importance of protecting customer information and additional security measures were implemented earlier this year when our new website was rolled out (again, we reiterate that this is not an issue affecting the new website). As a further security measure you may wish to consider changing your passwords on other sites if they were the same as the old Hell Pizza website.

We apologise for the incident and any inconvenience that this may have caused.

Sincerely,

Stu McMullin – Director Hell Pizza

We acknowledge that some of you have asked to be removed from the database and we have only included you for the purposes of this notification."

Heaven Pizza for a change? (1)

piotru (124109) | about 4 years ago | (#33065978)

With the RFC'd angel bit on top?

Naaah... (1)

denzacar (181829) | about 4 years ago | (#33066766)

"Tonight we dine in HEAVEN!!!" just doesn't have the same ring to it.

Main issue is the passwords (1)

houghi (78078) | about 4 years ago | (#33066102)

Private information including passwords, e-mail and home addresses, phone numbers - plus pizza orders - has fallen into the hands of the anonymous cyber hackers.

Main thing is the passwords. Ok, for the celeb also the phone number. The whole thing is that AGAIN they apparently had the passwords saved in plain text.

You could blame all the people who use the same passwords for many things and refuse to have a different password for each and every site they visit. I blame the people who have passwords saved in plain text. If that had not happened, this would have been a non-issue story.
