Cicis Pizza
Company Details
Linkedin ID:
cicispizza
Website:
Employees number:
2,251
Number of followers:
10,381
NAICS:
7225
Industry Type:
Homepage:
cicis.com
IP Addresses:
0
Company ID:
CIC_2856694
Scan Status:
In-progress
Cicis Pizza Company CyberSecurity Posture
cicis.com
In 1985, Joe Croce and Mike Cole opened one To-Go pizza restaurant in Plano, TX. A year later, they established Cicis as the “Best Pizza Value Anywhere” by developing the Unlimited Pizza Buffet. Cicis currently operates over 300 restaurants in more than 30 states. The newly re-designed and rebranded Cicis concept pushes the limits of the regular restaurant experience by offering a variety of pizza, salad, soups, pasta and desserts including such popular items as stuffed crust and flatbread pizzas. The customer experience also includes a fun game room making the concept very family oriented and kid friendly.
Cicis Pizza A.I CyberSecurity Scoring
Cicis Pizza Risk Score (AI oriented)Between 700 and 749
Cicis Pizza
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Cicis Pizza Global Score (TPRM)XXXX
Cicis Pizza
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Cicis Pizza Company CyberSecurity News & History
Past Incidents
3
Attack Types
1
CiCi Enterprises, LP
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving CiCi Enterprises, LP, on July 20, 2016. The breach occurred between June 30, 2015, and July 19, 2016, potentially compromising payment card information from several Cicis restaurant locations. The total number of affected individuals is currently unknown.
Cicis Pizza
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: CiCi Enterprises LP (“CiCi’s Pizza”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on its network. The breach compromised the names, Social Security numbers, and financial account information (including credit/debit card numbers and bank account information. The company sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.
Cicis Pizza
Breach
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: CiCi’s Pizza, an American fast food business based in Coppell, suffered a credit card breach incident in June 2016. Hackers obtained access to card data that affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and multiple other retailers have been also targeted.
Cicis Pizza Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Cicis Pizza
Incidents vs Restaurants Industry Average (This Year)
No incidents recorded for Cicis Pizza in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Cicis Pizza in 2025.
Incident Types Cicis Pizza vs Restaurants Industry Avg (This Year)
No incidents recorded for Cicis Pizza in 2025.
Incident History — Cicis Pizza (X = Date, Y = Severity)
Cicis Pizza cyber incidents detection timeline including parent company and subsidiaries
Cicis Pizza Company Subsidiaries
In 1985, Joe Croce and Mike Cole opened one To-Go pizza restaurant in Plano, TX. A year later, they established Cicis as the “Best Pizza Value Anywhere” by developing the Unlimited Pizza Buffet. Cicis currently operates over 300 restaurants in more than 30 states. The newly re-designed and rebranded Cicis concept pushes the limits of the regular restaurant experience by offering a variety of pizza, salad, soups, pasta and desserts including such popular items as stuffed crust and flatbread pizzas. The customer experience also includes a fun game room making the concept very family oriented and kid friendly.
Loading...
Cicis Pizza Similar Companies
Darden
Darden’s family of restaurants features some of the most recognizable and successful brands in full-service dining — Olive Garden, LongHorn Steakhouse, Yard House, Ruth's Chris Steak House, Cheddar’s Scratch Kitchen, The Capital Grille, Chuy's, Seasons 52, Eddie V's and Bahama Breeze. We own and ope
Arby's
Arby’s, founded in 1964, is the second-largest sandwich restaurant brand in the world with more than 3,400 restaurants in seven countries. Arby’s is part of the Inspire Brands family of restaurants. For more information, visit Arbys.com and InspireBrands.com With the current growth and momentum of
Subway
Subway is one of the world's largest quick service restaurant brands, serving freshly made-to-order sandwiches, wraps, salads and bowls to millions of guests, across over 100 countries in more than 37,000 restaurants every day. Subway restaurants are owned and operated by Subway franchisees – a ne
With 58,000 employees and more than 700 restaurants in the United States and Canada, and a growing international presence, Red Lobster is the world’s largest seafood restaurant company. Our vision is to be where the world goes for seafood now and for generations. Red Lobster is an innovative, v
ZAMP
Somos um grande ecossistema de restaurantes que reúne marcas internacionais como Burger King®, Popeyes®, Starbucks® e Subway®. E, por trás de cada receita de sucesso, estão os Zampers: gente que faz acontecer, que joga junto e que deixa sua marca todos os dias. Aqui, a gente acredita que o verdad
Jack in the Box has always been the place for those who live outside the box. Where you can try new things and order what you want when you want it. Now, let’s get to the facts! Did you know Jack in the Box was founded on February 21, 1951, by a businessman named Robert O. Peterson in San Diego, Cal
We're known for our huge restaurants and generous portions but we're so much more than that! Here, you'll have big opportunities to learn and grow your career, you can take pride in the work you do, be able to balance your life with the hours and schedule you need, and be part of a team committed to
Jersey Mike's Subs
Jersey Mike’s, a fast-casual sub sandwich franchise with more than 3,000 locations open nationwide, believes that making a sub sandwich and making a difference can be one and the same. Jersey Mike’s offers A Sub Above®, serving authentic fresh sliced subs and authentic Philly cheesesteaks grilled t
Dallas-based Brinker International, Inc. is one of the world’s leading casual dining restaurant companies. Founded in 1975, Brinker owns, operates or franchises more than 1,600 restaurants across 31 countries and two territories under the names Chili’s® Grill & Bar and Maggiano’s Little Italy®. O
.png)
Cicis Pizza CyberSecurity News
August 12, 2025 07:00 AM
Pizza Chain's Cyber Claim Capped At $250K, Insurer Says
A cyber insurer urged a Texas federal court to reject Cicis Pizza's attempt to recast a ransomware attack as a cyber extortion event in...
October 11, 2023 07:00 AM
Stillman College's Cybersecurity Center Receives $500K Google Grant
Stillman College on Wednesday announced its Cybersecurity Center has been awarded a $500000 grant and additional support from Google.
January 26, 2021 08:00 AM
All-You-Can-Eat Pizza Chain Cici’s Files for Bankruptcy
CiCi's Holdings Inc., the company behind the unlimited pizza buffet restaurant chain, has filed for bankruptcy proposing to sell itself to a lender.
February 02, 2018 08:00 AM
How rampant are cyberattacks in Texas? Fort Worth defends about 15,000 threats daily
The collective misdeeds of hackers are indisputably taking a toll in Texas, prompting state lawmakers to respond with aggressive new laws to...
July 19, 2016 07:00 AM
Cici’s Pizza: Card Breach at 130+ Locations
Cici's Pizza, a Coppell, Texas-based fast-casual restaurant chain, today acknowledged a credit card breach at more than 135 locations.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Cicis Pizza CyberSecurity History Information
Official Website of Cicis Pizza
The official website of Cicis Pizza is http://www.cicis.com.
Cicis Pizza’s AI-Generated Cybersecurity Score
According to Rankiteo, Cicis Pizza’s AI-generated cybersecurity score is 723, reflecting their Moderate security posture.
How many security badges does Cicis Pizza’ have ?
According to Rankiteo, Cicis Pizza currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Cicis Pizza have SOC 2 Type 1 certification ?
According to Rankiteo, Cicis Pizza is not certified under SOC 2 Type 1.
Does Cicis Pizza have SOC 2 Type 2 certification ?
According to Rankiteo, Cicis Pizza does not hold a SOC 2 Type 2 certification.
Does Cicis Pizza comply with GDPR ?
According to Rankiteo, Cicis Pizza is not listed as GDPR compliant.
Does Cicis Pizza have PCI DSS certification ?
According to Rankiteo, Cicis Pizza does not currently maintain PCI DSS compliance.
Does Cicis Pizza comply with HIPAA ?
According to Rankiteo, Cicis Pizza is not compliant with HIPAA regulations.
Does Cicis Pizza have ISO 27001 certification ?
According to Rankiteo,Cicis Pizza is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Cicis Pizza
Cicis Pizza operates primarily in the Restaurants industry.
Number of Employees at Cicis Pizza
Cicis Pizza employs approximately 2,251 people worldwide.
Subsidiaries Owned by Cicis Pizza
Cicis Pizza presently has no subsidiaries across any sectors.
Cicis Pizza’s LinkedIn Followers
Cicis Pizza’s official LinkedIn profile has approximately 10,381 followers.
NAICS Classification of Cicis Pizza
Cicis Pizza is classified under the NAICS code 7225, which corresponds to Restaurants and Other Eating Places.
Cicis Pizza’s Presence on Crunchbase
Yes, Cicis Pizza has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/cici-s.
Cicis Pizza’s Presence on LinkedIn
Yes, Cicis Pizza maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cicispizza.
Cybersecurity Incidents Involving Cicis Pizza
As of December 23, 2025, Rankiteo reports that Cicis Pizza has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Cicis Pizza has an estimated 4,864 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Cicis Pizza ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Cicis Pizza detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with data breach letters sent to all affected parties..
Incident Details
Can you provide details on each incident ?
Title: CiCi’s Pizza Credit Card Breach
Description: CiCi’s Pizza, an American fast food business based in Coppell, suffered a credit card breach incident in June 2016. Hackers obtained access to card data that affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and multiple other retailers have been also targeted.
Date Detected: 2016-06-01
Type: Data Breach
Attack Vector: Social Engineering
Vulnerability Exploited: Trust in technical support specialists
Threat Actor: Unknown
Motivation: Financial gain
Title: CiCi’s Pizza Data Breach
Description: CiCi Enterprises LP (“CiCi’s Pizza”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on its network. The breach compromised the names, Social Security numbers, and financial account information (including credit/debit card numbers and bank account information). The company sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.
Type: Data Breach
Threat Actor: Unauthorized Party
Title: CiCi Enterprises Data Breach
Description: The California Office of the Attorney General reported a data breach involving CiCi Enterprises, LP, on July 20, 2016. The breach occurred between June 30, 2015, and July 19, 2016, potentially compromising payment card information from several Cicis restaurant locations. The total number of affected individuals is currently unknown.
Date Detected: 2016-07-20
Date Publicly Disclosed: 2016-07-20
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Point-of-sale provider.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CIC02531522
Data Compromised: Credit card data
Systems Affected: Point-of-sale system
Payment Information Risk: High
Incident : Data Breach CIC203929822
Data Compromised: Names, Social security numbers, Financial account information (including credit/debit card numbers and bank account information)
Identity Theft Risk: High
Payment Information Risk: High
Incident : Data Breach CIC1001072625
Data Compromised: Payment card information
Payment Information Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Credit Card Data, , Names, Social Security Numbers, Financial Account Information (Including Credit/Debit Card Numbers And Bank Account Information), and Payment card information.
Which entities were affected by each incident ?
Incident : Data Breach CIC02531522
Entity Name: CiCi’s Pizza
Entity Type: Organization
Industry: Fast Food
Location: Coppell, Texas
Incident : Data Breach CIC203929822
Entity Name: CiCi Enterprises LP (“CiCi’s Pizza”)
Entity Type: Company
Industry: Food and Beverage
Incident : Data Breach CIC1001072625
Entity Name: CiCi Enterprises, LP
Entity Type: Company
Industry: Restaurant
Location: Multiple locations
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach CIC203929822
Communication Strategy: Data breach letters sent to all affected parties
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CIC02531522
Type of Data Compromised: Credit card data
Sensitivity of Data: High
Incident : Data Breach CIC203929822
Type of Data Compromised: Names, Social security numbers, Financial account information (including credit/debit card numbers and bank account information)
Sensitivity of Data: High
Incident : Data Breach CIC1001072625
Type of Data Compromised: Payment card information
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach CIC1001072625
Source: California Office of the Attorney General
Date Accessed: 2016-07-20
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Cyber Incident DescriptionDate Accessed: 2023-10-01, and Source: California Office of the Attorney GeneralDate Accessed: 2016-07-20.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Data breach letters sent to all affected parties.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach CIC203929822
Customer Advisories: Data breach letters sent to all affected parties
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Data breach letters sent to all affected parties.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach CIC02531522
Entry Point: Point-of-sale provider
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach CIC02531522
Root Causes: Trust in technical support specialists
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Unknown and Unauthorized Party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2016-06-01.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2016-07-20.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Credit card data, , Names, Social Security numbers, Financial account information (including credit/debit card numbers and bank account information), and Payment card information.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Point-of-sale system.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Financial account information (including credit/debit card numbers and bank account information), Payment card information, Credit card data and Social Security numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Cyber Incident Description and California Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Data breach letters sent to all affected parties.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Point-of-sale provider.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tormorten WP Microdata allows Stored XSS.This issue affects WP Microdata: from n/a through 1.0.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md
- https://github.com/z472421519/BinaryAudit/blob/main/PoC/BOF/Tenda_FH1201/SetIpBind/SetIpBind.md#reproduce
- https://vuldb.com/?ctiid.337689
- https://vuldb.com/?id.337689
- https://vuldb.com/?submit.719154
- https://www.tenda.com.cn/
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=cicispizza' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
