Domino's India: 10 Lakh Customer Credit Card Data Leak!

Domino's India is a popular pizza outlet in India and the brand has lakhs of trusted clients throughout the country. According to an Israel cyber security firm, the pizza making company is alleged to be a victim of a cyber attack.

Alon Gal, the co-founder of cyber security intelligence has revealed that a group of digital hackers has access to the company's 13TB internal data. The accessed information includes employees data too comprising different departments such as IT, Marketing, Finance, Operations etc.

According to the report, the hackers have access to the clients' data and got details of around 18 crore orders. These order details include customer name, email, phone number, payment term and delivery address. Moreover, the hackers claim to retrieve more than 1 million credit card information that is used to make the orders from the Domino's app.

Furthermore, as investigated by Alon Gal, the leaked data has been put on sale on the dark web, and it is expected to be sold to one buyer. In addition, the offenders have demanded USD 550,0000 for the stolen database. The amount in Indian rupees is around 4 crores.

In response to the data leak, Domino's India has not confirmed or denied the data breach or any stolen data from their servers.

This is not the only time that an India operating organization is hit by a cyber attack. Earlier, companies like Bigbasket (online grocery app), MobiKwik (digital payment and wallet) and others have faced the heat of cyber threats.

Is digitalization safe and secure?

The technology is implemented to fasten the business operations and bring comfort to users. However, due to some system vulnerabilities, companies get trapped by the clever cyber criminals.

Organizations should go for the regular system audit to prevent any security complications. Moreover, for the users, it is essential to use the services wisely. Don't store your personal information on mobile apps, especially bank and card details. You may enter the details every time manually when you wish to order online. This may make the process tedious, but it is safe.

Again on 22nd May 2021:

All customer data of DOMINO'S PIZZA hacked by anonymous hackers and 13 TB of customer data uploaded on Darkweb accessible to the public. The entire data is uploaded in a searchable format where you can search out - Name, mobile, email, address of the customer, exact location on map, date & time of delivery, payment done.

By putting in any random mobile number (or known mobile number), I can find out the address of the person. The hackers have promised that they will upload credit card information soon for all Pizza orders. Check the actual screenshot taken by me from the Darkweb site (and further verified with real data).

Missing Indian Data Protection & Privacy Regulation.

Found this helpful?

Keep following ISOEH news to update yourself with cyber attacks and crimes happening around the world. We provide you with the latest IT and cyber security news!

Also, if you are an organization and looking for a website security check, we can certainly assist you. Follow the link and book your website audit!

Let's create a secure digital world together.

Last Edited: 24th May 2021.