Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Sourajeet Majumder Profile picture
@TechCrucio
Apr 17, 2021 6 tweets 6 min read Read on X
Scrolly
NOT AGAIN ! A member of a #hacking forum has allegedly breached @dominos_india and got access to 13TB of internal files (from 2015-21), which he threatens to sell if a #ransom of 50 BTC is not paid 😨
#india #databreach #infosys #gdpr
#privacy
(1/5)
Acc to him, he has internal files of 250 employees from IT, Legal, Finance, Marketing, Operations etc. Also customers details and 180M order details (name, ph number, email, delivery address, payment details) and 1M credit cards used to purchase on the @dominos app.
(2/5)
The post made by him mentions that, he will be selling the #breached data for 2 BTC or 8 BTC (according to the package one chooses). However if @dominos_india wants to prevent the data from getting sold, they will need to pay him a ransom of 50 BTC💰
(3/5)
He also added that he has plans to build a search portal like the other group who were behind the #Mobikwik breach last month. However due to some difficulties with #MySQL, he is not able to do so but wants to hire someone who can help him out with it !
(4/5)
If these claims made by this hacker are true, this is going to be a big blow for @dominos_india, it's employees and most importantly it's customers. Expecting @dominos to look and act on it urgently !

Any updates on this incident, will be posted in this thread :)
(5/5)
*UPDATE 1*
When asked bout the samples of the breached data, the hacker responded by saying that he will be provididing samples to only serious buyers with the help of a "Middleman" but one needs to pay 10K USD to have a look at them. The money will be returned if the deal fails.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Sourajeet Majumder

Sourajeet Majumder Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @TechCrucio

Sourajeet Majumder Profile picture
Jan 13, 2022
🧵 How a misconfig let anyone view PII of Covid-19 patients and modify data related to Covid-19 sero survey (Of Haryana)

So, the Govt Of Haryana has 2 state projects under the @_DigitalIndia programme called :
1. Covid Sample Report Portal
2. Covid-19 Sero Survey Portal

(1/13)
According to official docs, the first portal is used to store COVID-19 testing details uploaded by all COVID-19 laboratories (public or private) for effective monitoring directly by @cmohry

Source : negd.gov.in/sites/default/…

(2/13)
#infosec #bugbounty #hacking
And the second portal is used to estimate and monitor the trends of sero-prevalence of SARS-CoV infection in the general population and high burden cities of Haryana.

Source : negd.gov.in/sites/default/…

(3/13)
#infosec #bugbounty #hacking
Read 14 tweets
Sourajeet Majumder Profile picture
Apr 18, 2021
Bad day for #job seekers 🤦
@wisdom_jobs which is one of the three major job portals in #India has allegedly been breached and login credentials of around 238K+ of its users have been made public for free by hackers on #telegram and #hacking forums :(
(1/4)
@sanjg2k1 @IndianCERT
The login credentials which the hackers have made public includes email address & Base64 encoded passwords which literally just takes 2 secs to decode and I have personally verified that almost all of them are working credentials 🥴
(2/4)
Cyber criminals can easily login using these credentials and can get access to a user's name, DOB, number, residence address, education background, marital status and many other info and also make any changes to it, which is scary !
(3/4)
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

Send Email!

:(