Heimdal Security Blog

180 Million Clients’ Data Was Exposed Following a Cyberattack Targeting Domino’s India

Domino’s India is the most recent organization to have its data compromised in a breach. The company has revealed that it suffered a cyberattack in which an attacker gained unauthorized access to its systems and sold the stolen details on a hacking forum.

On April 16, 2021, threat actors announced on a notorious hackers’ forum that they had hacked Domino’s India servers and downloaded 13 TB of information containing private staff and client data.

The attackers also declared that they had obtained over one million credit card details used to place orders on the application.

A day later, they mentioned that they were looking for 10 BTC (Bitcoin) or $380,000 at today’s rates for the data. The cybercriminals also stated they were planning to create a search engine and were prepared to pay $1000 to anyone who could help them build it.

The hackers managed to launch a Tor dark web search engine that enables users to check whether their sensitive data is exposed in the database by entering their phone numbers or email addresses.

Anyone using the engine must remember that the service is administered by these hackers, so any information submitted could be used in malicious activities, such as phishing and smishing attacks (any kind of phishing that involves a text message).

According to cybersecurity researcher Rajshekhar Rajaharia, who had initially exposed the breach data, people who can access a portal developed by the threat actor are using it to spy on clients by checking their location together with other information.

Today he tweeted:

When contacted, Jubilant FoodWorks, which owns Domino’s, stated that the organization had recently been affected by a security incident but that no financial information of users had been compromised.

All Domino’s India customers should be on guard for emails and texts impersonating Domino’s and not provide any sensitive information unless they are specifically accessing the https://www.dominos.co.in/ website.