Leakage or theft of data is not a new thing but in the sequence, the name Domino’s pizza was a new add-on. A case of alleged online leaking of the records of millions of Domino’s customers has come to light.
Israel’s cybercrime intelligence company, about 13 terabytes of data is expected to be leaked, according to Alan Gail, chief technology officer at Hudson Rock. In the tweet, he mentioned that this data contains information relating to about 18 crore orders.
Order information includes Customers’ mobile numbers, e-mail addresses, payment information that was being sold on the dark web, and huge amounts were being sought for it, said Gail.
Domino’s India, in their statement, said that according to their policy they have not submitted financial information of customers, and also agreement has been made on any information. Although Domino’s India has definitely admitted that some time ago a matter related to information security had come up in Jubilant FoodWorks which is the parent company of Domino’s India.
One more biggest loot in Indian cyberspace is believed to be the e-grocery BigBasket data leak. According to a global security firm reported, the information of 20 million user accounts in the cybercrime market and was soon put on sale for 3 million rupees. The news was confirmed only by 7th November when the company agreed to the leak.
Preceding the month, six major breaches that shook users into senses were reported which include cases such as sweet seller Haldiram Snacks Pvt Ltd, PM Modi’s personal website Narendra Modi.in, online matrimonial service Bharat Matrimony and Indian Railways’ online ticketing portal IRCTC. Dr. Reddy’s Laboratories and e-commerce company Paytm Mall also witnessed cyber-attacks later in the year.
The pattern of attacks shows the focus at the government agencies and registers, putting out the fact that our national databases are unsuccessful in protecting their sensitive data as with relevant requirements of online data but without adequate rules and regulations to check, is cumbersome for the country as a whole. Indian Cyberlaw only a single act in-store, the Information Technology act of 2000 that defines cybersecurity only as lip service to the cybersecurity legal framework.
Data breaches from government websites are a matter of great concern for our nation. The official data including the voter’s ID number, Aadhar card details such as fingerprints and retina scan, and health reports are all zooming around in parts of the dark web with a tag ‘for sale’. The database leak of the Police department’s examination of 5 lakh candidates was kept on sale in the database sharing forum of the dark web at the end of 2019. The leak was traced on 22 December 2019 and found to be the information of the candidates from Bihar who attempted the examination.
The Payment app is also not left behind, MobiKwik on 29th March 2021 came under limelight for an alleged data leak that is said to have exposed close to 8.2 terabytes of data, including know-your-customer (KYC) details, addresses, phone numbers, Aadhaar card data of its users on the dark web. Although, the company has denied the breach. The company’s ignorance to accept has invited the circulation of links on the dark web disclosing personal details if the information was out in February.
The situation in Indian cyberspace is worsening and only cybersecurity awareness and acknowledgement of victimization by various malicious activities can curb the condition. It is high time to act upon our own safety and privacy in this online world.
