Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Dominos. Show all posts

Domino’s Data Leak Exposed Data of 18 Crore Orders

 

The famous Pizza company Dominos suffered a data leak again this year wherein the details of 18 crore orders are made accessible on the dark web, according to some security experts. 

A hacker alleged that earlier in April he had successfully gained access to Dominos data in the value of 13TB. Data belonging to more than 180,00,000 purchase orders containing telephone numbers, e-mail addresses, and billing information, and user credit card details would be included in the leak. 

Domino's Pizza, Inc. is a multinational American pizza restaurant chain established in 1960, known as Domino's. The F&B chain is particularly prominent in India, which can be seen in the smooth functioning of its operations despite the ongoing pandemic. 

Rajshekhar Rajaharia, a security expert, took to Twitter to announce that Dominos was again infringed upon while showing that 18 crore orders' data was made available as hackers built a search engine on the Dark Web; customers will most probably find their personal information there if they are regular dominos buyers. The information leaked comprises users' name, e-mail, telephone number, and even their GPS locations. 

"Data of 18 crore orders of Domino's India have become public. Hacker created a search engine on Dark Web. If you have ever ordered @dominos_india online, your data might be leaked. Data include Name, Email, Mobile, GPS Location, etc," Rajaharia tweeted. 

The incident was brought to light before the beginning of April by Alon Gal, CTO of cybersecurity company Hudson Rock. He said that users' data were sold for about ten BTC by hackers. The hackers want to create a search engine to enable data to be queried, Gal further added. 

The data compromised include 10 Lakh credit card details and even addresses of people who have purchased Dominos Pizza. However, Dominos India had denied leakage of financial information of users in a declaration given to Gadgets 360. 

When Jubilant Food Works, the master franchise holder for Domino's in India, Nepal, Sri Lanka, and Bangladesh, was approached, it was confirmed that the company recently had a security incident but no financial details were revealed. 

"Jubilant Food Works experienced an information security incident recently. No data about financial information of any person was accessed and the incident has not resulted in any operational or business impact.” 

"As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised. Our team of experts is investigating the matter and we have taken necessary actions to contain the incident," the company spokesperson said.

Hackers Have Access to Domino’s India 13TB of Internal Data

 

Popular pizza outlet Domino's India appears to have succumbed to a cyber assault. As per Alon Gal co-founder of an Israeli cybercrime intelligence, the hackers have access to Domino's India 13TB of internal information which incorporates employee details of more than 250 employees across verticals like IT, Legal, Finance, Marketing, Operations, and so on. The hackers guarantee to have all client details and 18 crore other details which incorporate clients' names, phone numbers, email IDs, delivery address, payment details including more than 10 lakh credit card details used to purchase on Domino’s India app. 

Further, the hackers are meaning to sell the whole information to a single buyer. As indicated by Alon Gal, the hackers are searching for $550,000 (around Rs 4 crores) for the whole database. The hackers likewise have plans to construct a search portal to enable querying the data. The sale is clearly occurring on the dark web and likely on a site frequented by cyber scammers. For now, Domino's India has neither affirmed nor rejected that information of its consumers has been stolen or leaked from its servers. 

“Information includes 180,000,000 order details containing names, phone numbers, emails, addresses, payment details, and a whopping 1,000,000 credit cards,” Gal claimed in a tweet. “Plenty of large-scale Indian breaches lately, this is worrying,” he added. 

It is particularly worrying as India has been a victim of several large-scale cyber breaches lately. As indicated by Computer Emergency Response Team (CERT-IN) information, during the Covid-19 pandemic digital assaults on India grew by almost 300% last year, developing to 11,58,208 out of 2020 contrasted with 3,94,499 out of 2019.

Independent cybersecurity researcher Rajshekhar Rajaharia revealed to IANS that he had cautioned about this conceivable hack to the CERT-in on March 5. “I had alerted CERT-in about a possible Domino’s Pizza India hack where the threat actor got data access with details like 200 million orders and personal data of the users too. The hacker, however, did not provide any sample,” Rajaharia said. 

There have been a string of hacking incidents including Indian firms in the recent past, including Bigbasket, BuyUcoin, JusPay, Upstox, and others. Gal recently claimed that the personal information of almost 533 million (53.3 crore) Facebook clients, including 61 lakh Indians, was leaked online after a hacker posted the details on a digital forum.