PIZZA Sale on Dark web —  13TB Internal files & 1Million credit card data being sold

Hello netizens! We are writing late about a recent data breach that targeted the Indian pizza giant “Dominos”, because we were trying to gather all the chatter about this breach. However, we were the first to report it to Dominos, as soon as we noticed that a member was selling 13TB of Dominos India data, published on a leak forum on 16th April, 2021. Below is our tweet, in which we informed Dominos within a few hours of the actual post.

During our daily deep web scanning, we came across a post about the breach, allegedly selling internal files of 250 employees from the IT, Legal, Finance, Marketing and Operations towers of Dominos. To be specific, they have the data of 180 million orders along with customer details such as PII (Personally Identifiable Information): name, phone number, email ID, delivery address with PIN code and payment details, as well as 1 million credit cards used for purchases on the Dominos app and website.

The member claimed to have internal files dating from 2015 to 2021 and to have also got hold of Outlook mail archives. The sample was posted as database schema, structures and directories.

Officially, they haven’t quoted any price for the data, probably because they are new to the platform and unsure of its worth. However, going through the chatter on the leak forum, we understood that the member is expecting 50 Bitcoin for the data if Dominos doesn't want it to be published.

Furthermore, the member showed interest in creating a search engine for netizens to verify whether their data has been compromised. They have also advertised a one-day job offer of $1000 for a specialist with experience in MySQL and backend APIs to help them create the search engine.

Other members on the leak forum were interested to know about the breach. They were discussing it and suspected either a social engineering attack or that Dominos might have left an AWS S3 bucket open. But the member (who claims to hold the data) rejected this and said that Dominos security is better and they didn't get a misconfigured AWS S3 bucket.

Moreover, other members are also showing interest in buying the data and negotiating a deal with the member (who claims to hold the data). Later, the member said that negotiation is possible if both parties agree on a middle figure; otherwise the member will release the data publicly.

A few days later, the member (who claims to hold the data) posted about the successful creation of a search engine, claiming to release it soon…!

From the above comment about creating a search engine, one inference can be drawn: “it might be the same group that was behind the Mobikwik data breach, which impacted its 10 million users”.

Meanwhile, refuting the data breach claims, Domino’s India has clarified that its user data has not been compromised. The pizza delivery chain said in a statement: “Jubilant FoodWorks experienced an information security incident recently. No data pertaining to financial information of any person was accessed and the incident has not resulted in any operational or business impact. As a policy we do not store financial details or credit card data of our customers, thus no such information has been compromised. Our team of experts is investigating the matter, and we have taken necessary actions to contain the incident”.

Furthermore, considering the company's response to this data breach, and the interest in buying the data that cyber scammers are evidently showing on the forum, we suggest you follow the steps below to stay safe from cyber abuse:

1. Immediately change your passwords on the app and websites.

2. Enable 2FA (Two-Factor Authentication) on your accounts.

3. As soon as the claimed search engine becomes active, users can verify whether their information is included in the breach by searching for their email address and phone number.

4. If the breach involves financial information, the first thing to do is alert your bank of possible fraud and monitor your statements for strange charges.

5. Be more attentive and avoid falling prey to phishing/SMShing/vishing attacks from bad guys, as cybercriminals might perform credential stuffing attacks once they get hold of this data, and the data can be sold openly to anyone who can pay for it.

6. Last but not least, to be safe on the internet, avoid entering genuine personal information on retail/e-commerce portals (for example, enter a false DOB), and never save your credit card details on such platforms/portals, as these details are essential for credit card skimming and impersonation.

A data breach can surely cause loss of revenue and reputation, but it mostly affects the customers or partners whose data was stolen. Therefore, getting help from the internal incident response team or an experienced third party, including public relations, legal and communication experts to perform damage control, can help mitigate the impact of the breach. Companies should never ignore a data breach; they should take it seriously and act fast and securely, collecting as much information as possible about what happened and why.

With the increase in data breaches in the country, it’s becoming vital that the Government of India take the necessary steps to protect the data rights of its citizens. It is the need of the hour to strictly implement data protection regulations in India, so that companies take compliance seriously.

We suggest that companies start enrolling in bug bounty programs, so that independent security researchers and bug bounty hunters can help businesses detect software vulnerabilities and configuration errors before the bad guys beat them to it. Implementing a bug bounty program is getting ahead of the game by being proactive and predictive.

This blog is part of the independent research we do on a frequent basis to keep the internet a safer place.

Security Chronicle is a team of independent security researchers and a dedicated security news platform to educate netizens and raise awareness of security risks & threats.
