Data leak

Domino's Pizza Belgium/France Customer Data Breach: 600,000 Records

📅 2014-06-13 🏢 Domino's Pizza (European operations, Belgium and France)

Incident Details

In June 2014, hacker group Rex Mundi announced they had stolen approximately 592,000 customer records from Domino’s Pizza’s online ordering systems in Belgium and France. Rex Mundi was a group known for extortion-based attacks against European companies. The stolen data reportedly included customer names, addresses, phone numbers, email addresses, and, according to Rex Mundi, passwords and their favorite pizza toppings. Rex Mundi demanded €30,000 (~$40,000) from Domino’s France/Belgium, threatening to publish all the data publicly if the ransom was not paid. Domino’s refused to pay, calling the demands ‘outrageous.’ Rex Mundi subsequently published samples of the stolen data online to prove the theft. Domino’s confirmed the breach affected its European websites (run by a franchise operator distinct from the US parent) and notified the relevant data protection authorities. Domino’s stated that no payment card data was stored in the compromised system. The incident was notable as an early example of a ransomware-style extortion attack (though using data publication threats rather than encryption) against a major consumer brand’s European online operations, presaging the data extortion tactics that became widespread in the 2020s.

Technical Details

Initial Attack Vector
SQL injection or web application attack against Domino's Pizza's online ordering system in Belgium and France; hacker group Rex Mundi claimed responsibility and threatened to publish the data unless a ransom of €30,000 was paid
Vendor / Product
Domino's Pizza (European operations, Belgium and France)

Timeline

  1. 2014-06-13 Breach occurred
  2. 2014-06-14 Publicly disclosed
  3. 2014-06-14 Customers notified