Domino’s India’s database has allegedly been attacked and as large as 13 TB of data has been stolen, claims a threat actor resoonsible for this mishap. About 250 employees’ personal information is now at stake alongside jeopardizing about order details worth 18 Cr.
Alon Gal, cofounder and CTO of cybercrime intelligence company Hudson Rock, announced the data leak on Twitter. Gal discovered the database on the dark web, where it was being sold for two to eight bitcoins. The hacker allegedly wrote on the dark web marketplace that if Domino’s India wishes to keep the database from being sold, it must pay the hacker 50 bitcoins as ransom.
The screenshots shared on Twitter reveal that the stolen data belongs to the time period ranging from the year 2015-2021 and the threat actor has plans to make it available via a search portal on the web, similar to the Mobikwik hackers approach.
Customers’ personal information is stored in the database, which they must provide to Domino’s India when placing an order. Names, phone numbers, email addresses, and payment card information are among them. The hacker, on the other hand, has denied sharing any samples of the stolen data with cybersecurity researchers, so concerns about the stolen data, its scale, and contents are indeed allegations.
A Domino’s India spokesperson told Inc42 that while the company had recently identified a “information security” incident, no financial information of users had been compromised