I’m not sure how much customer data has been compromised or even how it was compromised (could have been an employee who manually stole some of the data) but it has been somehow compromised.
I have a relatively fail-proof and completely trackable email spam system. When I create an account online or give out my email address in some other manner, pretty much everybody I give the address to receives a unique email address. Prior to giving it out, I will create a brand new alias at my domain and have that email forwarded to my real account. So for example, if I create an account at Yahoo.com then I might create the address yahoo _at_ jaxidian.org and have it forwarded to my account.
One such account that I have created is with Donato’s to order pizza online. When I created this account, I gave them donatos _at_ jaxidian.org as my email address. Just today I began receiving spam at this email address. This means that somehow an email address that I have confidentially given to Donato’s has made its way into some spammer’s hands. This could have been an extremely isolated case where an employee stole just my address and gave it/sold it to a spammer. This could have been an attack on Donato’s systems where not just email addresses but perhaps also credit card information has been lost. I really have no clue. But alas, because Donato’s is the only company/person I have given this email address to EVER, this most likely means that Donato’s customer data has been compromised.
Perhaps I should stop paying with credit cards when I buy pizza?