Domino’s India website was allegedly hacked and sensitive customer details such as names, phone numbers, and credit card details have been put up for sale on the dark Web.
The hacker who sells the data claims that the data includes details of about 18 crore orders received by the pizza chain.
Allegedly, Domino’s India data was taken earlier in April and this included customer information and also its internal files that included details about the company’s 250 employees, amounting to 13TB. However, this information has not been confirmed yet.
Alon Gal, CTO of cybersecurity firm Hudson Rock has tweeted about the Domino’s India breach. He said that the hacker was selling the data for around 10 BTC (roughly Rs. 4.25 crores or $569,000 at current market rates).
The hacked details are believed to also include the details of 10 lakh credit cards. The order details leaked included customer names, phone numbers, email IDs, addresses, and payment details. The breach is claimed to also include Domino’s India’s internal files that were generated between 2015 and 2021.
The hacker posted messages on the dark Web planning to build a search portal that will enable querying of the leaked data.
According to statement by a company spokesperson, Domino’s India is owned by foodservice company Jubilant Foodworks that operates the franchise of American pizza restaurant chain Domino’s Pizza. The franchise has a network of 1,314 restaurants in 285 cities. In addition to India, Jubilant Foodworks operates the Domino’s Pizza brand in Bangladesh, Nepal, and Sri Lanka. It is, however, unclear whether the breach included the data of customers in the other three countries.