April 2021 is turning out to be a rollercoaster ride of a month when it comes to cybersecurity!
In what can only be called a shocking revelation, it has been found out that Domino’s India has become the latest victim of a massive data leak.
On Sunday, a cybersecurity researcher reported that the credit card details of a whopping 10 lakh individuals who made online purchases on Domino’s Pizza are being sold on a dark web hacking forum for over Rs 4 crores ($550,000)!
The security researcher Alon Gal, CTO of Hudson Rock, a security firm, also revealed that the threat actor has claimed to possess a 13TB worth hacked Domino’s India database. Gal mentioned that the hacker is looking to mint close to $550,000 from selling the database and has plans to build a search portal that will enable accessing and querying the data with ease.
Gal, in a tweet, wrote that the list of breached information includes data points from 1,80,000,000 order details. The orders had full names, phone numbers, email, physical addresses, and 1,000,000 credit card details attached to them.
Currently, Domino’s India has neither reacted nor commented on this red flag. Nonetheless, Rajshekhar Rajaharia, an independent cybersecurity researcher, has alerted the Indian Computer Emergency Response Team aka CERT-in on March 5th after taking note of the tweet from Gal.
Rajaharia, in a statement, said that though he has raised the issue to CERT-in, the hacker, however, is yet to provide any sample to prove he is indeed in possession of the hacked Dominos India data. Therefore, there might just be a sliver of hope that the alleged data breach is, in fact, a false alarm.
But that being said, as mentioned earlier, April has been a month of reckoning for cybersecurity. Two weeks ago, about 553 million Facebook users data was leaked in a hacking forum online, and it didn’t even spare the personal details of Mark Zuckerberg himself!
Soon after, news surfaced about LinkedIn suffering a similar data breach wherein the corporate information of 500 million users was scraped and posted online in a low-level hacking forum.
Last week, the audio-only social media platform Clubhouse also suffered a massive data leak of 1.3 million users.
And, if that wasn’t enough already, those incidents were quickly followed by Upstox’s data leak. Upstox is one of India’s largest discount broking firms. According to media reports, close to data of 25 lakh Upstox customers in the latest data breach.
Thus, all in all, it is high time everyone takes internet security seriously. The data collected from these data breaches can very well help several scamsters, threat actors, etc., execute financial frauds, phishing scams and more. Therefore, one must stay vigilant at all times and choose to share consciously share critical information on online platforms. We will keep you updated on all future developments. Until then, stay tuned.