Independent cyber security researcher Rajshekhar Rajaria first reported that Domino's India has been hit by a hacker again, after Alon Gal who is CTO of cyber security firm Hudson Rock, claimed in April that credit card details of nearly 10 lakh people who purchased online on Domino's Pizza India were allegedly being sold for over Rs 4 crore on the Dark Web.
According to Rajaria, data of 18 crore orders from Domino's Pizza in India has now become public, that contains name, email, phone number and even the GPS location of the users.
According to him, the same person who earlier hacked financial services company MobiKwik has compromised Domino's India.
"The earlier hacker failed to receive ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino's India on the Dark Web," Rajaria told IANS.
In an earlier statement, Jubilant Foodworks that owns the master franchise for Domino's Pizza in India, told IANS that the company experienced an information security incident recently.
"No data pertaining to financial information of any person was accessed and the incident has not resulted in any operational or business impact," the spokesperson said.
"As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised".
According to Prakash Bell, Head of Customer Success and SE Lead, India and SAARC, Check Point Software Technologies, implementing technology solutions such as ZTNA, DLP, XDR and security posture management is key to ward off such incidents.
"Complementing these with employee education around data handling, vigilance, tight security controls, processes and audits would help creating the desired culture," Bell said in a statement.
There have been a string of hacking incidents involving Indian firms in the recent past, including Bigbasket, BuyUcoin, JusPay, Upstox and others.
New Delhi, May 24
After a hacker made 13TB data of nearly 18 crore orders of Domino's India with key details public on the Dark Web, cyber security researchers on Monday stressed on the need for organisations handling end-user data to invest more in cybersecurity solutions and practices that will enhance their security posture.
Disclaimer: This story was supplied by an external content provider; we do not endorse or accept responsibility for its accuracy, completeness, or any outcomes from relying on it. It is for informational purposes only and does not constitute legal, financial, medical, or other professional advice. Laws and regulations vary and may change; readers should verify accuracy and compliance with local requirements and consult a qualified professional for tailored guidance.
