A menace actor is proclaiming to have stolen the personal details of more than a million shoppers of Domino’s Pizza.
In an advert positioned on the dark web, the alleged hacker says that they are marketing 13 terabytes of knowledge that they declare was stolen from the Indian department of the American multinational pizza restaurant.
The illicit ad was learned by Alon Gal, the co-founder and main technology officer of Israel-centered cybercrime intelligence business Hudson Rock. Gal posted news of the alleged hack on social media on April 18.
In his publish, the cybersecurity expert stated that the knowledge appeared to include things like the details of as many as 180 million Domino’s orders. Among the allegedly leaked details was sensitive customer data, like phone quantities, addresses, email addresses, and the particulars of in excess of 1 million credit score playing cards.
Gal said that dark web buyers had been currently being available the prospect to buy the info for $550,000.
To enable the info to be selectively picked by means of, the threat actor said that they would be developing a lookup portal.
A spokesperson for Domino’s Pizza in India explained that Jubilant FoodWorks Restricted, which retains the grasp franchise for Domino’s Pizza in India, Nepal, Sri Lanka, and Bangladesh, had professional an details security incident recently.
“No details pertaining to money info of any human being was accessed and the incident has not resulted in any operational or business enterprise influence,” reported the spokesperson.
They additional that customers’ monetary knowledge was not susceptible to hacking attacks simply because of the company’s info storage procedures.
“As a policy, we do not retailer fiscal specifics or credit rating card data of our shoppers, so, no these types of info has been compromised,” explained the spokesperson.
They included: “Our crew of professionals is investigating the issue and we have taken vital actions to consist of the incident.”
Cybersecurity researcher Rajshekhar Rajaharia said that he alerted the Indian government’s Computer system Unexpected emergency Response Crew (CERT-In) on March 5 that information belonging Domino’s might have been uncovered on the dark web given that February.
On Twitter, Rajaharia stated that the threat actor claiming to have hacked the pizza restaurant may perhaps be the exact man or woman who allegedly hacked India’s greatest independent cellular payments network, MobiKwik, in February.
Some sections of this article are sourced from: