Home Cyber Crime Domino’s India discloses data breach after hackers sell data online

Domino’s India discloses data breach after hackers sell data online


Dominos Pizza

Domino’s India has disclosed an information breach after a menace actor hacked their programs and offered their stolen knowledge on a hacking discussion board.

In April 2021, a menace actor created a brand new matter on a hacking discussion board the place they claimed to be promoting 13 TB of stolen knowledge, together with particulars for 18 crores (180 million) orders and 1 million bank cards, from Domino’s India.

Threat actor selling data for Domino's India
Risk actor promoting knowledge for Domino’s India

The menace actor was promoting the information for roughly 10 BTC, or $380,000 at right now’s charges, and shared samples of the database construction for the allegedly stolen knowledge.

This month, the identical menace actors launched a Tor darkish net search engine that enables individuals to enter their telephone numbers or e-mail addresses to see if their info is uncovered within the database.

Earlier than utilizing this search engine, it is important to do not forget that the menace actor run this service. Due to this fact, any submitted knowledge may very well be used for additional malicious exercise, resembling phishing and smishing assaults.

Domino's India Tor search engine
Domino’s India Tor search engine

Domino’s India customers have informed BleepingComputer that they examined the search engine, and it did include their orders and different private info from their account.

Domino’s India lastly discloses an information breach

In the present day, Safety researcher Rajshekhar Rajaharia, who has been following this breach, tweeted that Domino’s India has lastly begun disclosing the information breach – over a month after it was first reported.

In a brief e-mail to prospects, Jubilant Networks, the grasp franchise proprietor for Domino’s Pizza in India, disclosed that they have been hacked on March twenty fourth, 2021.

Nevertheless, they state that the menace actor’s claims to have stolen 1 million bank cards are false as they don’t retailer any monetary particulars of customers on their website.

Domino's India data breach notification
Domino’s India knowledge breach notification

From the database tables and knowledge shared with BleepingComputer by customers who utilized the search engine, the information does embody prospects’ cellular numbers, names, e-mail addresses, and GPS coordinates.

When mixed, hackers can use this info to carry out additional assaults, resembling phishing scams and SMS messaging scams, to steal additional delicate knowledge from these uncovered on this breach.

All Domino’s India prospects ought to be looking out for emails and texts pretending to be from Domino’s and never present any info, resembling bank cards and passwords except you’re particularly accessing the https://www.dominos.co.in/ web site.

Source link