Domino's Pizza refuses to cave in to hackers' extortion attempt

PARIS (AFP) - Domino's Pizza said Tuesday it had refused to cave in to a 30,000-euro (S$50,952) extortion attempt by hackers who said they had stolen the personal data of 600,000 of its customers.

The pizza delivery giant told affected French and Belgian clients Friday that it had been hacked into and that "some passwords" had been taken, giving those behind the attack access to data such as phone numbers and addresses, though not to bank details.

That same day, a hacking group called Rex Mundi tweeted on an account that has since been deleted that it had given the US chain until 1800 GMT Monday to pay 30,000 euros in exchange for not publishing the data. But a spokesperson for Domino's Pizza told AFP Tuesday the US group had not paid the money, refusing "to yield to blackmail from any form of criminal organisation".

It is not yet known whether the hackers have published the data.

According to Gerome Billois, an expert at IT consultants Solucom, Rex Mundi is not an unknown group of hackers. "Already in 2012, they attacked and tried to extort (French cable operator) Numericable, as well as a bank in (the southeastern city of) Nice whose customer data they then published on the Internet," he said. "But it's quite rare that these cases go public."

Loic Guezo, a strategic director at IT security company Trend Micro, said it was the first time to his knowledge that hackers had gone public with their ransom demands, adding that this new development was "terrifying".

"It's the law of the jungle, we're in the Wild West and consumers are publicly taken hostage," he said.

In a separate report by Reuters, it was revealed that Nokia 'paid millions to software blackmailers six years ago':

HELSINKI - Finnish telecoms equipment company Nokia paid several million euros to criminals who threatened to reveal the source code for part of an operating system used in its smartphones some six years ago, Finnish TV station MTV said on Tuesday.

The police confirmed to Reuters that they were investigating a case of alleged blackmail and that the case was still open. Nokia was not immediately available for comment.

"We are investigating felony blackmail, with Nokia the injured party," Detective Chief Inspector Tero Haapala said, but declined to give further details.

MTV said that the blackmailers had acquired the encryption key for a core part of Nokia's Symbian software and threatened to make it public.

Had it done so anyone could then have written additional code for Symbian including possible malware which would have been indistinguishable from the legitimate part of the software, MTV said.

After the blackmail attempt Nokia contacted the police and agreed to deliver the cash to a parking lot in Tampere, central Finland. The money was picked up but the police lost track of the culprits, MTV said.

In 2007 Nokia's smartphone market share was about 50 per cent with the Symbian software also used then by other manufacturers.

Nokia later moved to use Microsoft's Windows software in its smartphones and Microsoft bought Nokia's entire mobile phone business earlier this year for 5.6 billion euros (S$9.5 billion).