Jubilant FoodWorks-owned Domino’s India's data has been allegedly leaked and put up on sale on the dark web. This data includes sensitive customer information such as their names, phone numbers, and credit card details.
According to cyber experts, at least 18 crore orders received by the pizza chain has been allegedly leaked . This not only includes customer information but also its internal files that carries details of the company's 250 employees, worth 13 TB of information.
Israel based co-founder and Chief Technology Officer of cybercrime intelligence firm Hudson Rock, Alon Gal, tweeted on Sunday, 18 April, that the data that includes phone numbers, emails, addresses, payment details, including one million credit card details of pizza chain Domino's India was been put up for sale for $550,000.
Mobikwik Hackers Selling Data
Cyber security researcher Rajshekhar Rajaharia told The Quint that the same group that earlier allegedly leaked mobile platform Mobikwik's data are responsible for this data leak too.
The alleged hacker on a raid forum post claims to build a search portal where users can check for their leaked data. “We have plans to build a search portal like other group which did Mobikwik breach last month here on raid forums,” said the hacker group on a website where the data is being allegedly sold.
'Had Alerted CERT-In': Cyber Expert
Rajaharia said that he first alerted India's cyber incident arm of the government Computer Emergency Response Team (CERT-In) about the Domino’s data leak in March. "However, CERT-In did not take any punitive measures which could have avoided this potential data leak," he said.
Financial Details Remain Safe
The Quint reached out to Domino's India for a comment on the reported details. Here's what the company said.
“Jubilant FoodWorks experienced an information security incident recently. No data pertaining to financial information of any person was accessed and the incident has not resulted in any operational or business impact. As a policy we do not store financial details or credit card data of our customers, thus no such information has been compromised.Our team of experts is investigating the matter and we have taken necessary actions to contain the incident.”Jubilant FoodWorks, spokesperson
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)