Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Domino’s India Discloses Data Breach After Hackers Sell Data Online

Domino’s India Discloses Data Breach After Hackers Sell Data Online

Domino’s India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum.

In April 2021, a threat actor created a new topic on a hacking forum where they claimed to be selling 13 TB of stolen data, including details for 18 crores (180 million) orders and 1 million credit cards, from Domino’s India.

Threat actor selling data for Domino’s India

The threat actor was selling the data for approximately 10 BTC, or $380,000 at today’s rates, and shared samples of the database structure for the allegedly stolen data.

This month, the same threat actors launched a Tor dark web search engine that allows people to enter their phone numbers or email addresses to see if their information is exposed in the database.

Before using this search engine, it is vital to remember that the threat actor run this service. Therefore, any submitted data could be used for further malicious activity, such as phishing and smishing attacks.

Domino’s India Tor search engine

Also Read: What You Should Know About the Data Protection Obligation Singapore

Domino’s India users have told BleepingComputer that they tested the search engine, and it did contain their orders and other personal information from their account.

Domino’s India finally discloses a data breach

Today, Security researcher Rajshekhar Rajaharia, who has been following this breach, tweeted that Domino’s India has finally begun disclosing the data breach – over a month after it was first reported.

In a short email to customers, Jubilant Networks, the master franchise owner for Domino’s Pizza in India, disclosed that they were hacked on March 24th, 2021.

However, they state that the threat actor’s claims to have stolen 1 million credit cards are false as they do not store any financial details of users on their site.

Domino’s India data breach notification

From the database tables and information shared with BleepingComputer by users who utilized the search engine, the data does include customers’ mobile numbers, names, email addresses, and GPS coordinates.

When combined, hackers can use this information to perform further attacks, such as phishing scams and SMS messaging scams, to steal further sensitive data from those exposed in this breach.

Also Read: The Difference Between GDPR and PDPA Under 10 Key Issues

All Domino’s India customers should be on the lookout for emails and texts pretending to be from Domino’s and not provide any information, such as credit cards and passwords unless you are specifically accessing the website.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us