# Leaked data of Dominos India users now available on search engine created by hacker



## RumbaMon19 (May 22, 2021)

*www.indiatoday.in/amp/technology/n...h-engine-created-by-hacker-1805595-2021-05-22





Huh......


----------



## Desmond (May 23, 2021)

Damn, does anyone have the complete onion link?


----------



## thetechfreak (May 23, 2021)

Even air India leaked 10 year data recently. That's worse. 

Sent via Tapatalk


----------



## khalil1210 (May 23, 2021)

Desmond David said:


> Damn, does anyone have the complete onion link?


link: *slf2rrahypck3bwckpdohsnhpeqrb3nhvwznjmarmweofwnptowe4mad.onion.ly/

source: 




__
		https://www.reddit.com/r/india/comments/nj6okz


----------



## Desmond (May 23, 2021)

What's scary is that payment info is currently withheld. When payment info gets exposed that's when **** will hit the fan.

If you have ever ordered from Dominos, you need to keep an eye on this.


----------



## RumbaMon19 (May 23, 2021)

Desmond David said:


> What's scary is that payment info is currently withheld. When payment info gets exposed that's when **** will hit the fan.
> 
> If you have ever ordered from Dominos, you need to keep an eye on this.



That is what giving me chills. And look hoe irresponsible dominoes is. Nothing is done till now to fix it.


----------



## RumbaMon19 (May 23, 2021)

One thing, I never stored my cc on Domino's server, like when it asked me to save for later, I unchecked it. Still in danger? Or depends on Domino's if they stored it?


----------



## Nerevarine (May 23, 2021)

RumbaMon19 said:


> One thing, I never stored my cc on Domino's server, like when it asked me to save for later, I unchecked it. Still in danger? Or depends on Domino's if they stored it?


That uncheck does absolutely nothing..


----------



## Nerevarine (May 23, 2021)

Dont go search your email in that onion link. You might make yourself a bigger target, right now atleast you are "safe among the numbers"

Change your cards if you used them on dominoes, atleast disable international transaction.. change your email password..


----------



## RumbaMon19 (May 23, 2021)

Nerevarine said:


> Dont go search your email in that onion link. You might make yourself a bigger target, right now atleast you are "safe among the numbers"
> 
> Change your cards if you used them on dominoes, atleast disable international transaction.. change your email password..


Yess, currently doing those. I didnt go To that link as i was already suspecting that.


----------



## RumbaMon19 (May 23, 2021)

Any good measures to take for cc protection? I have changed all passwords linked to that id and everything else. But cc is concerning me. I read that it doesnt require otp too
Your credit card can be used for payment without PIN or OTP , A must read informative blog
(got it from that reddit)

should i get them Blocked? ( will only do this if severly required, as it is tiresome due to my health right now) i have disabled international transactions.


----------



## Nerevarine (May 23, 2021)

If you have disabled international transactions, you are semi-safe. All Indian transactions require OTP anyway. 
DO you remember if you have used the same cc in dominoes ever ? Only then it is concerning.


----------



## RumbaMon19 (May 23, 2021)

Nerevarine said:


> DO you remember if you have used the same cc in dominoes ever ? Only then it is concerning



actually i used to prefer cod but was forced to cc because they were not accepting cod . i used it last time in november 2020. I was alreadyplanning to deactivate cc and switch to dc by the end of june. Seems i need to do that quickly now.


----------



## spartan_in (May 24, 2021)

Why we are so weak in cyber space & these cyber attacks happens again & again?? Who will be held responsible for all this? Consumer or the Company!!


----------



## Nerevarine (May 24, 2021)

spartan_in said:


> Why we are so weak in cyber space & these cyber attacks happens again & again?? Who will be held responsible for all this? Consumer or the Company!!


If this was us, they would be sued to repay a lot.
If this was EU, dominoes would be finished


----------



## spartan_in (May 24, 2021)

I heard that we have some sort of cyber army but they seems to be busy in hacking facebook/instagram account as per nibba/nibbi requests I guess!!


----------



## Vyom (May 24, 2021)

Haven't entered a pizza in like years. I hope my details are not with them.
But I am definitely not checking if I am compromised. Hackers could put that data to the first list "to abuse". lol.


----------



## $hadow (May 24, 2021)

This is messed up but I've never ordered from them directly, guess paying a bit extra to Zomato doesn't sound this bad atleast.


----------



## TheSloth (May 25, 2021)

$hadow said:


> This is messed up but I've never ordered from them directly, guess paying a bit extra to Zomato doesn't sound this bad atleast.


why are you giving ideas to hackers?


----------



## Vyom (May 25, 2021)

TheSloth said:


> why are you giving ideas to hackers?


It's just the matter of time. You don't need to give them ideas. Security of most companies are this bad. Especially in India.


----------



## TheSloth (May 25, 2021)

Vyom said:


> It's just the matter of time. You don't need to give them ideas. Security of most companies are this bad. Especially in India.


You are right. Except the big ones like Amazon, Google ... I really doubt other companies are investing in data security at this point. Hope this Dominos case becomes an example and everyone bolster their security otherwise as you said, its just a matter of time


----------



## $hadow (May 25, 2021)

TheSloth said:


> why are you giving ideas to hackers?


hackers got a mind of their own but this has given us a head start at least. I've removed all of my CCs from Zomato and Swiggy and will try to stick with these pay later services


----------



## Vyom (May 25, 2021)

Also, block your card for international usage, if you don't mean to spent on international sites.


----------



## Desmond (May 25, 2021)

What we need is some kind of compliance certification system for any eCommerce company in India. Given the frequency of data leaks we really need something like this.

Make it mandatory for any company that requires to store user's personal information to comply with a set of standards for data security and make them undertake frequent system audits to ensure that they remain certified. If a company is not certified then they should mention a disclaimer in their site notifying the public to deal with them at their own risk.

Government needs to step in and make some regulation like this to prevent (or reduce) such leaks in the future.


----------



## Deleted member 345628 (May 25, 2021)

Anyone's using a burner phone number while lately providing info online?


----------



## Desmond (May 26, 2021)

Are there any services that provide burner phone numbers?


----------



## RumbaMon19 (May 26, 2021)

Desmond David said:


> Are there any services that provide burner phone numbers?



Yes, and some are indian also

*www.doosra.com/
Doosra is meant exactly for this purpose, and 59/month is not bad. And they have updated there homepage regarding the recent breach 


You may also use textnow for US VoIP numbers.


----------



## Nerevarine (May 26, 2021)

Desmond David said:


> Are there any services that provide burner phone numbers?


A burner debit card is even more important. A zero balance account with minimal amount of money


----------



## Deleted member 345628 (May 26, 2021)

PayTM Payments Bank is giving free Virtual VISA Debit Card .


----------



## Nerevarine (May 26, 2021)

Pranay Mokida said:


> PayTM Payments Bank is giving free Virtual VISA Debit Card .


No I don't trust Paytm, get digibank or kotak 811 if you want virtual visa debit card


----------



## Deleted member 345628 (May 26, 2021)

PayTM Bank UPI Servers work like charm . I haven't found any better alternative to it . Why you don't trust PayTM ? Just Curious !


----------



## Zangetsu (May 26, 2021)

I checked few numbers of my friends and its there. But no CC info which is good. 
Only thing exposed is:
Email
Order date
Price
Long/Lat
Address


----------



## RumbaMon19 (May 26, 2021)

I am getting this strong feeling that this is done by some skid, and the guy doesnt have any copy of data, he has just linked his search engine to database of dominoes through some backdoor or security flaw in there. Due to which credit card info is not there, but only phone numbers etc.


----------



## OrrBitt (Jun 2, 2021)

Is it okay if I had earlier saved debit card info (not credit card) in the app? I've removed it now, but when the leak took place, it would have been in there.


----------



## khalil1210 (Jun 2, 2021)

You can disable international transactions and enable it when required.

You can set the maximum transaction amount to ₹100 or ₹500

Some banks allow to temporarily disable the debit card. You can disable it and use only when required.


----------



## OrrBitt (Jun 3, 2021)

I've already disabled transactions for the card.

Disabling and re- enabling every time one wants to use it isn't viable, as is setting too low a limit.

Do credit and debit cards carry the same risk?


----------



## Nerevarine (Jun 8, 2021)

Banks have checks and balances for fraudulent transactions but still be wary


----------



## RumbaMon19 (Jun 18, 2021)

I was expecting  spammers coming up with advert of cybersec institutes instead of mba ones After this incident


----------



## whitestar_999 (Jun 18, 2021)

Desmond David said:


> Are there any services that provide burner phone numbers?


Late reply but anyway. There is no legally valid burner number service in India as per current laws & rules, you can still use burner numbers from international services but the number you get won't be in Indian mobile number format. As for services like Doosra, you will have to do full video kyc so not much point compared to getting another sim just for unessential/shopping/food ordering sites(why make your full kyc details available at one more place compared to mobile service providers which already have your details).
@RumbaMon19


----------



## whitestar_999 (Jun 18, 2021)

Nerevarine said:


> A burner debit card is even more important. A zero balance account with minimal amount of money


You can create as many virtual disposable debit cards as you want from netbanking of many major banks like sbi, hdfc, icici etc or you can simply use a relodable prepaid card like hdfc payzapp or icici pockets. However there isn't much point compared to just getting a zero balance acc with regular virtual debit card from kotak 811 or paytm(digibank now has 5k min avg balance requirement). Also it is advisable to directly use your card only on trusted sites(security wise). e.g. amazon/flipkart security can be considered as good & sometimes even better than many small Indian banks while those like big basket/grofers/dominos/zomato/swiggy etc I always doubt & hence never used my card directly on any of these sites.

Also credit cards are always more secure than debit cards because of their inbuilt fraud prevention system. In case of credit card transaction it is not like debit card where money is instantly debited from account, instead it is like the merchant gets a guarantee from bank which issued the credit card that it will pay the amount later(usually 2-3 days). Merchant has to submit order details to credit card company which then pay to merchant after verifying payment details(hence the process takes a few days because credit card companies are basically repaying loans on behalf of their customers). If you notice any fraud transaction then immediately call credit card company & the company will put the payment to merchant on hold until it investigate. Another thing to consider is that in case of debit card fraud it is your personal money which is at stake while in case of credit card fraud it is bank's own money which is at stake so no need to say which will be taken up on priority & with more sincerity by a bank.

@Desmond David @RumbaMon19 @TheSloth @OrrBitt @$hadow @Vyom


----------



## Nerevarine (Jun 18, 2021)

What ? How do I create virtual disposable debit card ? This option is greyed out in sbi, and icici. I have been trying for months.


----------



## whitestar_999 (Jun 18, 2021)

Nerevarine said:


> What ? How do I create virtual disposable debit card ? This option is greyed out in sbi, and icici. I have been trying for months.


Ok! I guess this service has been disabled by banks because of the misuse for first time/unique card user offers. Just install hdfc payzapp or icici pockets then & use them(basic kyc limit is 10k total funds add in a month, full kyc payzapp needs hdfc bank acc while icici pockets needs either icici bank acc or icici credit card).


----------



## Nerevarine (Jun 18, 2021)

whitestar_999 said:


> Ok! I guess this service has been disabled by banks because of the misuse for first time/unique card user offers. Just install hdfc payzapp or icici pockets then & use them(basic kyc limit is 10k total funds add in a month, full kyc payzapp needs hdfc bank acc while icici pockets needs either icici bank acc or icici credit card).


I'm assuming these aren't international cards. If yes, then we are golden.

The only reliable way I've found till now is kotak 811 which lets you delete your VDC upto a max 3-4 times


----------



## whitestar_999 (Jun 18, 2021)

Nerevarine said:


> I'm assuming these aren't international cards. If yes, then we are golden.
> 
> The only reliable way I've found till now is kotak 811 which lets you delete your VDC upto a max 3-4 times


As per RBI guidelines no prepaid card can do international transactions nowadays. As for domestic transactions otp is must so even if card details are leaked it doesn't matter much unless you are tricked into telling your otp based on card details told to you by some "support executive" over phone.


----------



## Nerevarine (Jun 18, 2021)

Yes, true enough. There were some ehm ehm sites from which I wish to purchase Skyrim legendary edition. (It's not available in steam store). For that I needed some way to dispose off a card. But I decided to screw it.


----------

