After a hacker made 13TB data of nearly 18 crore orders of Domino’s India with key details public on the Dark Web, Jubilant Foodworks that owns the master franchise for Domino’s Pizza in India sent a letter to users on Tuesday, saying that it has hired a global forensic agency to investigate the matter.
Domino’s India said it suffered an information security incident on March 24, 2021, wherein its systems were attacked by a hacker.
“We moved quickly to contain the breach and hired an external agency to do an impact assessment. Domino’s, as a policy, does not store financial details of users such as complete credit card number, CVV, passwords etc and therefore, no such information was compromised,” the company said in the open letter.
Independent cyber security researcher Rajshekhar Rajaharia first reported that Domino’s India has been hit by a hacker again, after Alon Gal who is CTO of cybersecurity firm Hudson Rock, claimed in April that credit card details of nearly 10 lakh people who purchased online on Domino’s Pizza India were allegedly being sold for over Rs 4 crore on the Dark Web.
According to Rajaharia, data of 18 crore orders from Domino’s Pizza in India has now become public, which contains name, email, phone number, and even the GPS location of the users.
“We have lodged a formal complaint with the relevant authorities and also filed a complaint with the cybercrime cell, and has hired a global forensic agency to investigate the matter, to try and identify the perpetrators behind the attack,” Jubilant Foodworks said.
According to Rajaharia, the same person who earlier hacked financial services company MobiKwik has compromised Domino’s India.
“The earlier hacker failed to receive the ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino’s India on the Dark Web,” Rajaria had told IANS.