In the age of zero trust, vulnerability assessment reports are not enough for cybersecurity measures. Cybersecurity issues have considerably increased in the last few years in India.
Last month, a hacker group allegedly leaked credit card numbers, phone numbers, email, and bank account details of 9.9 crore payment gateway users. Similarly, an airline’s servers also got hacked in December last year, leading to compromise on some data and now the famous pizza outlet, Domino’s India also appears to be a victim of a cyberattack that was claimed by an Israeli cyber-crime expert. According to him, around 1 million credit card details are on sale on the dark web.
Additionally, the hackers are trying to sell the data to a single buyer for a large sum of money.
At the moment, Domino’s India has not confirmed whether their data has been leaked it not.
According to the Computer Emergency Response Team, during the COVID -19 pandemic, cyber attacks in India increased by around 300%, which is a worrying situation for India and many large and small organisations. Some cyber security professionals also say that AI and ML-driven malware will be the most major threats to organisations’ cyber security over the next few years.
Why did Domino’s Data get Hacked?
As one of the largest pizza restaurant chains in the world, Domino’s India must have inculcated some kind of security measures into their IT infrastructure to prevent themselves from cyber attackers. Still, they fail to protect 13TB data.
It means, there might be some loophole in the system that led to a data leak. In fact, this information has not been confirmed yet, but the company has not even declared a rumour to the news.
There can be a number of reasons why the database got leaked.
Some of the reasons can be:
- No external perspective on vulnerabilities
- Too much time spent reviewing tedious reports
- Only focus on penetration testing
- No consolidated view of cyber risk
- Too many tools to manage risk
- Millions of CVSS scores
How Could ESOF Have Helped Domino’s India Prevented Their Data –
Prevention is always better than cure and when it comes to the organisations’ data, it becomes even more critical to take care of the entire infrastructure.
We, at TAC Security, help Fortune 500 companies, large enterprises, and government organizations to measure, prioritize and mitigate risks.
We follow a risk-predicated susceptibility management approach where both traditional susceptibility assessment and more incipient threat and susceptibility management capabilities are accumulated in a single platform.
An organisation’s critical information i.e emails, passwords, website customer data, Intellectual Properties, etc., can all be easily traced on the deeper web. An organisation can access their breached data available on Dark Web on a real-time basis with the ESOF Dark Sec. By monitoring through DarkSec you can protect the breached data related to your company or any person connected while ensuring to stop a potentially defaming and huge cost bearing breach.
Our product ESOF-DarkSec assesses the risk of an organisation’s data of their employees, management, customer, or financial information available on the dark web on a real-time basis
Find out more about the Risk-Based Vulnerability Management tool – ESOF!