IMAGE: VISHU UNSPLASH
Domino’s India has fallen victim to an alleged massive data leak. The hack could have affected anyone who ordered from Dominos India over the phone using their phone number or email address. The matter has come to light after cybersecurity expert Rajshekhar Rajaharia alleged that a hacker on the dark web made data of 18 crore Domino's India orders public.
It has been reported by the cyber expert on his Twitter handle that the hackers have created a webpage on the dark web and that the data can be pulled out simply by searching for a phone number or an email address. Rajshekhar Rajaharia also cautions users that “if you have ever ordered Dominos India online, your data might be leaked. Data include name, email, mobile, GPS location, etc.” Check out the tweet regarding the same above.
Alleged #Dominos India 18 Crore Order's Data #SearchEngine is now listed & ranking on Google Search. Our privacy is now searchable in @Google. #Dominos should immediately alert it's affected users. #InfoSec #GDPR #DataLeak @troyhunt @fs0c131y @jackerhack @internetfreedom pic.twitter.com/uxbWxfsGgS— Rajshekhar Rajaharia (@rajaharia) May 25, 2021
The specifics of some transactions leaked are mentioned below:
PTI quoted the official statement by Domino's India. It read, "Jubilant FoodWorks experienced an information security incident recently. No data pertaining to the financial information of any person was accessed and the incident has not resulted in any operational or business impact". The company spokesperson further added, "As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised. Our team of experts is investigating the matter and we have taken necessary actions to contain the incident".
Soon after the recent Domino's data breach, the company started alerting its users about it. The pizza delivery company informed users in their mails that the financial information of the users has not been leaked. Check out a tweet regarding the same below.
Domino's started alerting it's users. Data breach happened on 24th March 2021. They didn't state in the email what was in the breach. #Infosec #GDPR #dominosdatabreach #DominosDataleakhttps://t.co/BfR4zbKfDF pic.twitter.com/RBaMf6kP19— Rajshekhar Rajaharia (@rajaharia) May 25, 2021