Cyber security researcher: Data of 18cr Domino's India users out on Dark Web
Researchers on Monday stressed on the need for organisations handling end-user data to invest more in cybersecurity solutions and practices that will enhance their security posture, after a hacker made 13TB data of nearly 18 crore orders of Domino's India with key details public on the Dark Web.
Independent cyber security researcher Rajshekhar Rajaria first reported that Domino's India has been hit by a hacker again, after Alon Gal who is CTO of cyber security firm Hudson Rock, claimed in April that credit card details of nearly 10 lakh people who purchased online on Domino's Pizza India were allegedly being sold for over Rs 4 crore on the Dark Web.
According to Rajaria, data of 18 crore orders from Domino's Pizza in India has now become public, that contains name, email, phone number and even the GPS location of the users.
According to him, the same person who earlier hacked financial services company MobiKwik has compromised Domino's India.
"The earlier hacker failed to receive ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino's India on the Dark Web," Rajaria told IANS.
In an earlier statement, Jubilant Foodworks that owns the master franchise for Domino's Pizza in India, told IANS that the company experienced an information security incident recently.
"No data pertaining to financial information of any person was accessed and the incident has not resulted in any operational or business impact," the spokesperson said.
"As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised".
According to Prakash Bell, Head of Customer Success and SE Lead, India and SAARC, Check Point Software Technologies, implementing technology solutions such as ZTNA, DLP, XDR and security posture management is key to ward off such incidents.
"Complementing these with employee education around data handling, vigilance, tight security controls, processes and audits would help creating the desired culture," Bell said in a statement.
There have been a string of hacking incidents involving Indian firms in the recent past, including Bigbasket, BuyUcoin, JusPay, Upstox and others.
*Edited from an IANS report