Recently dominos suffered a data breach of around ~18 crore orders. The worst part being, someone has made this accessible to public and one can just search by phone number or email their orders, address, date, amount paid, total orders, total worth of orders etc.
I tried it myself and it seems pretty scary to have all that correct data along with my address, phone number and mail id’s lying in public domain. There is immense scope of misusing the same. Just hoping that these payment details are not breached already.
It isn’t that dominos cannot or does not afford cyber security or relevant audits, but what can be done to avoid such occurrences specially in a still fin-tech naïve nation. Just curious if there are any rating agencies or tools like glassdoor or trip advisor who could rate organizations on the basis of steps taken towards cybersecurity.
An interesting tool I came across: https://haveibeenpwned.com/ which helps check if my credentials are a part of any data breach that has occurred. Still trying to figure how it works, though it identified the services I’ve used correctly with just my mail/phone number.