CHENNAI: In a major data leak, customer information related to 18 crore orders placed with Domino’s India have been made public by a hacker who claims to have breached the pizza major’s servers. The day on which an order was placed on Domino’s website or app, the exact delivery location, and the amount spent were among the information put out by the hacker.
“Domino’s India Data Breach 13TB employee files and customer details. Search your phone number or mail
id. 180M rows searchable,” reads a web page with a search link created by the hacker. The hackers also declared that payment details and employee files will be made public soon.
The leak was first noted by cybersecurity researcher Rajashekhar Rajaharia who flagged it on Twitter. “The worst part of this alleged breach is that people are using this data to spy on people,” he said.
As of Sunday evening, around 1.8 crore searches had been made on the database. Twitter users were shocked at the authenticity of their purchase data reflecting on the page. “The Domino’s India data was hacked into. Just saw all the addresses that I’ve lived in, are now easily mapped against my phone/email, floating around the internet …,” Abhishek Nair (@Abhi1Nair) wrote.
Cybersecurity specialists TOI spoke to say the data leak is a result of a breach in the servers of the pizza chain earlier in April and is likely by the same hacker.
Jubilant FoodWorks (the company which operates the pizza chain) admitted to the data breach then, and said that customers’ financial information remains safe.
Jubilant reiterated on Sunday that the payment portion of customers’ data remains safe as they do not store financial details.