LOGAN, OH (WCMH) — Kristin Coffman was doing some online Christmas shopping from her home in Logan recently when she noticed a couple of emails from Dominos pizza. “And I was like, ‘I didn’t order Dominos’.” Coffman said. “So I opened them up and looked at them and one was from Cambridge, Maryland and one was from Dover, Delaware.”
Coffman called the Dominos in Maryland and learned that $49.83 worth of pizza was delivered to a home in Cambridge. Coffman says she called police in Cambridge who went to the address and found a teenager who said he placed the order through a person he met online.
Coffman traced it back to a Twitter account where the user was offering to order $50 worth of pizza for a $10 payment on PayPal.
A spokeswoman for Dominos tells NBC 4 it’s not a problem with Dominos computer accounts. Jenny Fouracre says cyber criminals are testing usernames and passwords taken in past data breaches on the websites of other online businesses including Dominos.
Matt Curtin, founder of the Columbus based cybersecurity firm Interhack says many people have been ignoring advice about using different passwords on different accounts. “Never reuse passwords in the first place and that way you don’t have to worry about a breach on one site exposing you on another,” Curtin said.
Coffman admits she used the same information on multiple accounts and stored her credit card information on some of them. “They couldn’t have done it if I didn’t save my credit card on there but, you know, it’s an app and you go in and order and you don’t have to put in your credit card because it’s already saved.”
Coffman says she has now removed all her credit card information and changed her passwords.
Curtin says consumers should use different passwords on different accounts, periodically change their passwords and make your passwords complicated.