After a hacker made 13TB data of nearly 18 crore orders of Domino’s India with key details public on the Dark Web, cybersecurity researchers on Monday stressed the need for organisations handling end-user data to invest more in cybersecurity solutions and practices to enhance their security posture.

Independent cybersecurity researcher Rajshekhar Rajaria first reported that Domino’s India had been hit by a hacker again, after Alon Gal, who is CTO of cybersecurity firm Hudson Rock, claimed in April that credit card details of nearly 10 lakh people who purchased online on Domino’s Pizza India were allegedly being sold for over Rs 4 crore on the Dark Web.

According to Rajaria, data of 18 crore orders from Domino’s Pizza in India has now become public, which contains the name, email, phone number and even the GPS location of the users.

The same person who earlier hacked financial services company MobiKwik has compromised Domino’s India.

“The earlier hacker failed to receive the ransom and sold the data to some unknown hacker, who has now posted the 13TB data of Domino’s India on the Dark Web,” Rajaria told IANS.

In an earlier statement, Jubilant Foodworks, the master franchisee for Domino’s Pizza in India, told IANS that the company recently experienced an information security incident.

“No data about financial information of any person was accessed, and the incident has not resulted in any operational or business impact,” the spokesperson said.

“As a policy, we do not store financial details or credit card data of our customers; thus, no such information has been compromised”.

According to Prakash Bell, Head of Customer Success and SE Lead, India and SAARC, Check Point Software Technologies, implementing technology solutions such as ZTNA, DLP, XDR and security posture management is key to ward off such incidents.

“Complementing these with employee education around data handling, vigilance, tight security controls, processes, and audits would help to create the desired culture,” Bell said in a statement.

There have been many hacking incidents involving Indian firms in the recent past, including Bigbasket, BuyUcoin, JusPay, Upstox and others.