Massive data breach in Domino’s India; millions of credit card numbers and other confidential records exposed

An unusual cybersecurity incident has impacted thousands of people in India. Recently a cybersecurity researcher claimed that information from at least 1 million payment cards is on sale on a dark web forum for about $500,000 USD. This information would have been collected from Domino’s Pizza India systems.

Alon Gal, chief technology officer at security firm Hudson Rock, a malicious hacker claims to have hacked Domino’s India database of about 13 TB of information. The seller states that, if you sell this database for the desired amount you will even create a search portal for querying the contained data.

In the expert’s words, the information includes more than 180 million order details to the pizza restaurant chain, which contain names, phone numbers, addresses, email addresses and payment details, in addition to the million payment cards exposed: “This is one of the most serious data breach incidents in recent times,” the expert says.

On the other hand, researcher Rajshekhar Rajaharia filed a report noting that CERT-IN, a cybersecurity agency in India, would have been the victim of a cybersecurity incident that resulted in the leak of more than 200 million personal records. It should be clarified that, although this alleged leak is still on sale, the seller provided no evidence of the authenticity of the incident.

During the most recent months there have been multiple security incidents affecting thousands of people in India, involving the commitment of systems in companies such as Bigbasket, BuyUcoin, JusPay, among others. Gal’s report also notes that of the 533 million Facebook records recently displayed, some 166,000 records belong to users in India. This leak included usernames, Facebook identification numbers, email addresses, gender location details, job information, and other details.

While Facebook argues that this information was collected at least three years ago, cybersecurity specialists believe that it is best to reset passwords on affected accounts. To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.