Credit card details of nearly one million people, who purchased online on Domino’s Pizza India, is allegedly being sold for over Rs 4 crore on the Dark Web.
Alon Gal, chief technology officer of security firm Hudson Rock, said a threat actor has hacked Domino’s India database worth 13TB.
The hacker is looking for around $550,000 (approximately Rs 4 crore) for the database. They have plans to build a search portal to enable querying the data.
“Information includes 180,000,000 order details containing names, phone numbers, emails, addresses, payment details and a whopping 1,000,000 credit cards,” Gal claimed in a tweet. “Plenty of large scale Indian breaches lately, this is worrying.”
Domino’s India was yet to react to Gal’s tweet.
Cyber security researcher Rajshekhar Rajaharia told IANS that he had alerted about this possible hack to the CERT-in (India’s national cyber defense agency) on March 5.
“I had alerted CERT-in about a possible Domino’s Pizza India hack where the threat actor got data access with details like 200 million orders and personal data of the users too. The hacker did not provide any sample,” Rajaharia said.
There have been hacking incidents involving Indian firms in the recent past, including Bigbasket, BuyUcoin, JusPay, Upstox and others.
Gal earlier this month claimed that personal data of nearly 533 million Facebook users, including 61 lakh Indians, were leaked online after a hacker posted the details on a digital forum.
The leaked data included Facebook ID numbers, profile names, email addresses, location information, gender details, job data, and other details.