Million users' data compromised after alleged hack into Domino's India

New Delhi: Credit card details of nearly 10 lakh people who purchased online on Domino's Pizza India is being sold on the Dark Web, cybersecurity firm Hudson Rock claimed on Sunday. According to Alon Gal, the CTO of the firm, the threat actor has claimed to have hacked Domino's India database worth 13TB and selling the stolen data for a sum of Rs 4 crore.

"Information includes 180,000,000 order details containing names, phone numbers, emails, addresses, payment details and a whopping 1,000,000 credit cards," Gal claimed in a tweet. "Plenty of large-scale Indian breaches lately, this is worrying," he added. Domino's India is yet to respond to Gal's tweet.

Rajshekhar Rajaharia, an independent cybersecurity researcher, told IANS that he had alerted the CERT-in (India's national cyber defence agency) on March 5 about this possible hack. "I had alerted CERT-in about a possible Domino's Pizza India hack where the threat actor got data access with details like 200 million orders and personal data of the users too. The hacker, however, did not provide any sample," Rajaharia said.

Earlier this month, Gal claimed that 53.3 crore Facebook users', out of which 61 lakh were Indians, personal data were leaked online after the hacker posted the details on a digital forum. Information including Facebook ID numbers, profile names, email addresses, location information, gender details, job data etc., was reportedly leaked. However, a Facebook spokesperson clarified, "This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019."

In the recent past, India witnessed a chain of hacking incidents in which firms including Bigbasket, BuyUcoin, JusPay, and Upstox.