Domino’s India recently revels a data breach in their system after being hacked by a thread actor and sold the data on a hacking forum. An attacker broadcast a new content on a hacking forum that where they mentioned to be selling 13 TB of data that contains information of about 18 crores (180 million) orders and 1 million credit cards, from Domino’s India on April 2021.
![[Alert] Attackers Start Selling Data Online that is Associated with Domino’s India!](https://xiarch.com/blog/wp-content/uploads/2021/05/dominos-india-disclosed-data-breach-image-1024x536.jpg)
All the data was sold out for approximately 10 BTC which is around $380,000 at today’s rate by a threat actor, and also shared some inspects of the database formation for the supposedly stolen data.
The same attacker recently launched a Tor dark web search engine that permits the user to enter some of their information like their phone numbers or email addresses to check whether their information is disclosed in the database.
It is very crucial to know that the same threat actor runs this service before using the Tor dark web search engine. Accordingly, any entered data in that search engine would lead to any malicious activity, like Phishing and smishing attacks.
![[Alert] Attackers Start Selling Data Online that is Associated with Domino’s India!](https://xiarch.com/blog/wp-content/uploads/2021/05/dominos-india-disclosed-data-breach-image1-1024x834.jpg)
Recently Domino’s India has told our experts that they tested the search engine, and it did contain their orders and the other crucial information from their accounts.
Domino’s India decisively reveal a data breach
Security researcher Rajshekhar Rajaharia tweeted that Domino’s India, who has been following this breach – over a month after it was first reported.
After Domino’s, India was hacked on March 24th, 2021 Jubilant Networks, the master franchise owner mentioned in a short email to customers and discloses that they were hacked on March 24th, 2021.
They also state that the attacker’s claims that they have stolen 1 million credit cards are false as they don’t have any financial information of customers on their sites.
![[Alert] Attackers Start Selling Data Online that is Associated with Domino’s India!](https://xiarch.com/blog/wp-content/uploads/2021/05/dominos-india-disclosed-data-breach-image2-1017x1024.jpg)
The only information of the users who used the search engine includes customers’ mobile numbers, names, email addresses, and GPS coordinates shared with our experts from the database tables.
Summering Up
If concluded, hackers can only exploit this data to perform future attacks, like Phishing scams and SMS messaging scams, to take further crucial data from disclosed in this data breach. Customers of Domino’s India observe the emails and texts seem to be from Domino’s and do not provide any sensitive information, such as credit cards and passwords until or unless you are especially accessing the official website of Domino’s India.
