Domino's India faces cyber attack; data of 18 cr orders, including personal info, leaked

Nearly a month after a massive data leak, Jubilant FoodWorks - which runs the chain of Domino's India outlets - has faced another cyberattack with personal information of customers being leaked this time. The incident has come to the fore after a cybersecurity researcher Rajshekhar Rajaharia claimed that data of 18 crore orders placed with Domino's India have been made public by a hacker on the dark web. The data includes name, e-mail addresses, mobile numbers, GPS location amongst others. 

Rajaharia has alleged that with data of customers being leaked on the dark web, anyone can easily search any mobile number and check the given person's past locations with data and time. 

Domino's India admits breach

Meanwhile, Jubilant FoodWorks has admitted to the data breach, but maintained that customers' financial information remains safe. Stating that the company experienced a 'security incident,' the company has said that it has not resulted in any operational or business impact. The company claims that the financial data of customers, including credit card data, remains safe as it does not store these details. 

"Jubilant FoodWorks experienced an information security incident recently. No data pertaining to the financial information of any person was accessed and the incident has not resulted in any operational or business impact," PTI quoted the official statement by Domino's India. 

"As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised. Our team of experts is investigating the matter and we have taken necessary actions to contain the incident," the company spokesperson said. 

Last month, an Israel-based cyber expert had claimed that over 13 Terabytes of data had been leaked in a cyber attack faced by Domino's India. Alon Gal, an Israel-based co-Founder of cybercrime intelligence firm Hudson Rock had tweeted that the hacker put up data of Domino's India for a sale of $550,000 (approx. Rs 4 crore) meant for a single buyer. The data included details of lakhs of Domino's India customers and employees. As per reports, sensitive customer data like names, phone numbers, and credit card details were accessed by hackers. 

Air India faces data breach 

A cybersecurity attack on Air India's data processor back in February this year led to a data compromise of nearly 4,500,000 individuals, the airline has informed. The security breach of Air India's SITA PSS data processor, which stores and processes the personal information of passengers, has affected personal data registered between August 2011 and February 2021 (10 years). Details such as name, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data (except for passwords), and data of credits cards of several passengers is said to have been compromised by the cyber attack.