New Delhi: After a hacker made 13TB data of nearly 18 crore orders of Domino’s India with key details public on the ‘Dark Web’, cyber security researchers stressed Monday on the need for organisations handling end-user data to invest more in cybersecurity solutions and practices that will enhance their security posture.
Independent cyber security researcher Rajshekhar Rajaria first reported that Domino’s India has been hit by a hacker again, after Alon Gal who is CTO of cyber security firm ‘Hudson Rock’, claimed in April that credit card details of nearly 10 lakh people who purchased online on Domino’s Pizza India were allegedly being sold for over Rs 4 crore on the ‘Dark Web’.
According to Rajaria, data of 18 crore orders from Domino’s Pizza in India has now become public, that contains name, email, phone number and even the GPS location of the users.
According to him, the same person who earlier hacked financial services company ‘MobiKwik’ has compromised Domino’s India.
“The earlier hacker failed to receive ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino’s India on the Dark Web,” Rajaria told this agency.
In an earlier statement, Jubilant Foodworks that owns the master franchise for Domino’s Pizza in India told this agency that the company experienced an information security incident recently.
“No data pertaining to financial information of any person was accessed and the incident has not resulted in any operational or business impact,” the spokesperson said. “As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised,” the statement added.
According to Prakash Bell, Head of Customer Success and SE Lead, India and SAARC, Check Point Software Technologies, implementing technology solutions such as ZTNA, DLP, XDR and security posture management is the key to ward off such incidents.
“Complementing these with employee education around data handling, vigilance, tight security controls, processes and audits would help creating the desired culture,” Bell said in a statement.
There has been a string of hacking incidents involving Indian firms in the recent past, including ‘Bigbasket’, BuyUcoin, ‘JusPay’, ‘Upstox’ and others.