India: Dominos Pizza website hacked, customer data leaked

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.newlaunches.com/archives/dominos_pizza_website_hacked_customer_data_leaked.php

Dominos Pizza has been in India for more than a decade now and with
much enthusiasm it decided to tap into the rapidly growing internet
population by launching its online ordering system late last year.
Recently a hacker managed to get away with a lot of customer data by
hacking into their server. Though the company is tight lipped on the
extend of the damage in an apologetic letter to its customers it
shamefully says that 'We have come to know that someone has hacked our
website with malicious intent and with the help of a script, managed
to extract some information on customer phone nos, email id and
delivery address of some customers. Although this data is not
classified information about our customers, still as a responsible
corporate we thought its important to inform you about this.. Online
privacy is still taken very lightly in India which reflects in the
fact that a company like Dominos treats customers address, mobile
phone numbers and email as non-confidential and has a privacy policy
dated in 2005.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/