Domino’s Data Leak Exposed Data of 18 Crore Orders
A hacker alleged that earlier in April he had successfully gained access to Dominos data in the value of 13TB. Data belonging to more than 180,00,000 purchase orders containing telephone numbers, e-mail addresses, and billing information, and user credit card details would be included in the leak.
Domino’s Pizza, Inc. is a multinational American pizza restaurant chain established in 1960, known as Domino’s. The F&B chain is particularly prominent in India, which can be seen in the smooth functioning of its operations despite the ongoing pandemic.
Rajshekhar Rajaharia, a security expert, took to Twitter to announce that Dominos was again infringed upon while showing that 18 crore orders’ data was made available as hackers built a search engine on the Dark Web; customers will most probably find their personal information there if they are regular dominos buyers. The information leaked comprises users’ name, e-mail, telephone number, and even their GPS locations.
“Data of 18 crore orders of Domino’s India have become public. Hacker created a search engine on Dark Web. If you have ever ordered @dominos_india online, your data might be leaked. Data include Name, Email, Mobile, GPS Location, etc,” Rajaharia tweeted.
The incident was brought to light before the beginning of April by Alon Gal, CTO of cybersecurity company Hudson Rock. He said that users’ data were sold for about ten BTC by hackers. The hackers want to create a search engine to enable data to be queried, Gal further added.
The data compromised include 10 Lakh credit card details and even addresses of people who have purchased Dominos Pizza. However, Dominos India had denied leakage of financial information of users in a declaration given to Gadgets 360.
When Jubilant Food Works, the master franchise holder for Domino’s in India, Nepal, Sri Lanka, and Bangladesh, was approached, it was confirmed that the company recently had a security incident but no financial details were revealed.
“Jubilant Food Works experienced an information security incident recently. No data about financial information of any person was accessed and the incident has not resulted in any operational or business impact.”
“As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised. Our team of experts is investigating the matter and we have taken necessary actions to contain the incident,” the company spokesperson said.