Till not very long ago, data theft and cyber threats existed in science fiction movies, where imagination played a key role rather than reality. Not anymore. The recent data leak of Domino's India's orders once again puts the spotlight on the dark dingy cyber space. After the data related to over 18 crore orders appeared on the dark web last month, now the same database has been made public by those behind the hacking. That's the worst nightmare, comprising data leak, confirmed. And who hasn't ordered from Domino's?
Jubilant FoodWorks, which runs the massive chain of Domino's India outlets, faced another cyberattack within a month of the previous one. While the previous one compromised the security and privacy of those behind the 18 crore orders in question, the latest attack makes the personal information of customers public.
The incident came to light after a cybersecurity researcher Rajshekhar Rajaharia claimed that the data of 18 crore orders placed with Domino's India had been made public by the hacker on the dark web. The data includes information like GPS location, name, e-mail addresses, contact numbers of the customers, among others. Via his official Twitter handle, Rajaharia warned of serious consequences and possibilities with the data now available to hackers.
What did the hacker do?
After stealing the information, the hacker has now created a search engine on Dark Web. The data includes information like names, email ids, mobile numbers, payment details, GPS location among others of the customers. Rajaharia further informed that those who ordered from Domino's India online might be at risk. Rajaharia maintains it's the same person who earlier hacked financial services company MobiKwik.
"The earlier hacker failed to receive ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino's India on the Dark Web," he told IANS.
The consequences of the breach
It can affect users in plenty of known and unknown ways at the moment. The potential of the damage is not just vast but unknown at the moment. Apart from the fact that people can spy on people's past locations, or make unwanted calls, messages, hackers can also track past moments, use the information to swindle in multiple ways, and monitor online activities.
Any data breach especially where the email ids and mobile numbers are concerned, naïve users can be preyed upon using phishing techniques to steal financial information.
What does Domino's India say?
Domino's India franchisee owner Jubilant FoodWorks in an earlier statement had admitted to a security incident at the company but said that it did not result in any operational or business impact. It says that the data breach is being investigated upon and it also claims that no financial information of the customers has been compromised.
Beware of random phone calls, emails, messages and any links
People who have placed orders over Domino's App or website, and paid through plastic money are especially advised to monitor rogue or random calls, messages, links, emails. They are advised to not respond to any suspicious correspondence.