Ransomware Attack & Data Extortion
- Attackers used skimming devices and malicious JavaScript code to steal card details and sell them on the dark web.
- Over 1.3 million credit and debit card records, primarily from Indian banks, were sold on the dark web card shop Joker’s Stash.
- The data breach revealed card numbers, expiration dates, CVVs, and, in some cases, cardholders’ names, emails, phone numbers, and addresses.
Domino’s India Data Breach (2021)
Modus Operandi:
- Hackers leaked data of 18 crore orders, including customer details and credit card information, on the dark web.
- The data was made accessible through a search engine created by the hackers.
Investigation Steps:
- Breach Detection: Monitoring revealed data availability on the dark web.
- Public Disclosure: Jubilant FoodWorks acknowledged the incident.
- Forensic Investigation: Conducted to determine breach specifics and affected data.
- Regulatory Notification: Informed relevant authorities about the breach.
- Customer Guidance: Advised customers on protective measures against potential fraud.