tech2 News StaffApr 19, 2021 18:15:22 IST
Domino’s India, a popular pizza outlet in the country, appears to have fallen prey to a cyber attack, as per Alon Gal, co-founder of an Israeli cybercrime intelligence firm. According to Gal, hackers have access to 13 TB worth of data, including 180,000,000 order details containing names, phone numbers, payment details, and a million credit card details. Gal further reveals the hackers are looking for $550,000 in ransom in exchange for the database. The hackers reportedly “plan to build a search portal to enable querying the data”.
The threat actor is looking for around $550,000 for the database and saying they have plans to build a search portal to enable querying the data. pic.twitter.com/o2UuA7LWXJ
— Alon Gal (Under the Breach) (@UnderTheBreach) April 18, 2021
Another security researcher, Rajashekhar Rajaharia, also confirmed the breach, along with data that seems to reveal all the details accessed by the hackers.
Again Big Data Leak! 20 Crore Order Details including 13 TB data of Domino’s India alleged leaked from #DominosIndia Server. Data Includes mobile, email, name, home address, payment type and Social Login Tokens. It seems Financial data is not there. #infosec #GDPR @jackerhack pic.twitter.com/glOAFpQCD7
— Rajshekhar Rajaharia (@rajaharia) April 19, 2021
The Domino’s India’s alleged data hack adds to a string of hacking incidents involving Indian firms. BigBasket and Mobikwik have also been victims of hacks in recent times.
“Domino’s India joins a string of hacking incidents involving Indian firms in the recent past, including BigBasket, BuyUcoin, JusPay, Upstox and others. There needs to be an increased focus on cybersecurity – based on our research, on average, an organisation in India has been attacked 1,681 times a week in the last six months. This is more than 2.5 times higher than the global average of 667 attacks globally,” says Sundar N Balasubramanian, Managing Director, Check Point Software Technologies, India & SAARC.
Additionally, GajShield Infotech CEO Sonit Jain says the alleged attack indicated that enterprises have “still not learnt from others, and do not give data security the importance it deserves.” He added, “They do not follow basic steps to ensure that customer data is well protected, especially financial information. Customers need to be made aware of the breach and provided means to protect against future misuse of their personal and credit card data. Organisations in India have to be made liable for such breaches with enough financial implication making data security a top priority in every enterprise.”