According to information shared by a cybersecurity expert, a hacker has allegedly leaked customer data of Domino’s, a pizza restaurant chain. The company has acknowledged the data breach but said that customers’ financial information was not exposed because of it. As per the cybersecurity researcher Rajshekhar Rajaharia, people who have access to a portal developed by the hacker are using it to spy on customers by checking their location and order date and time. Currently, the hacker has made all leaked data public.
“Data of 18 crore orders of Domino’s India have become public. Hacker created a search engine on Dark Web. If you have ever ordered @dominos_india online, your data might be leaked. Data include Name, Email, Mobile, GPS Location, etc.,” Rajaharia tweeted.
How to check if your Domino’s India data has leaked
When contacted, Jubilant FoodWorks, which owns Domino’s, said the company had recently experienced a security incident, but no financial details of customers have been breached.
“Jubilant FoodWorks experienced an information security incident recently. No data about the financial information of any person was accessed, and the incident has not resulted in any operational or business impact. As a policy, we do not store the financial details or credit card data of our customers. Thus no such information has been compromised. Our team of experts is investigating the matter, and we have taken necessary actions to contain the incident,” the company spokesperson said.
Rajaharia said the hacker had created a search engine for the database, which people are misusing.
“The worst part of this alleged breach is that people are using this data to spy on people. Anyone can easily search any mobile number and check a person’s past locations with date and time. This seems like a real threat to our privacy,” Rajaharia said.
As per a statement by Prakash Bell, Head of Customer Success and SE Lead, India & SAARC, Check Point Software Technologies, “Users need to educate themselves with data privacy practices and engage with vendors with only the right amount of information necessary. Restrict certain services to specific numbers/email-IDs, and where possible, enforce parental controls on children’s accounts and devices.”
To recall, it was only last month that Dominos India had fallen prey to a cyber attack where hackers gained access to 13 TB worth of data, including 180,000,000 order details containing names, phone numbers, payment details, and a million credit card details.