Hello, friends! Have you ever ordered Home delivery of pizza from Dominos? Or have you ever taken an Air India flight? If you’ve answered yes to either of the questions then there is a very high chance that your personal data has been leaked on the internet.
By personal details I mean your name, phone number address, passport details, and even your credit card numbers. This news is, again, not being adequately covered by the mainstream media. So friends let’s find out what happened exactly. And how you can protect your data.
If something like this happens in future again. Dominos is probably the largest pizza delivery company in India. And Air India is the most renowned airline.
There have been big data breaches in these two companies. First, what is a Data Breach? These companies have a database of customers. Like, when you order pizza from Dominos, you use your phone number to call them.
And they store your phone number that this number, used by this person,ordered pizza to be delivered to this address. On 16th April 2021 a co-founder of an Israel-based cyber crimes intelligence company found that some hackers had claimed in a post to have more than 13TB of data from Dominos. Which included 18 crore orders from 2015 to 2021.
Hackers had demanded approx ₹4 crores for this data. And when no one bought this data, they put it up publicly on the internet. So that anyone can access it from a search portal. One only needs to enter the mobile number or email address on the search portal and all the information connected to it will be displayed below.
How many times have you ordered pizza from Dominos in the last 6 years? How much did you spend on these orders in total? What is your linked email address or mobile number? What is the value of the individual orders? What is your delivery address? With precise latitudinal and longitudinal information. The exact location of your house can be found out from it.
And the dates and times of the orders. All this information look somewhat like this. For now, the credit card details of the people have not been published online. But the hackers claim that they have more than 1 million credit card details. And they will publicly publish them soon. In April when this data was available only on the dark web, then Dominos had responded with this statement. No data pertaining to financial information of any person was accessed and the incident has not resulted in anyoperatio all or business impact.
Dominos meant that their business was not affected by it. Because, obviously, why would it have affected their business. It was the customers’ data that was stolen. “As a policy, we do not store financial details or credit card data of our customers, thus no such information has been compromised.” If Dominos is to be believed, they do not save the credit card data of the customers. But the hackers say that they have the credit card details. Who is to be trusted?No idea. But watch the video till the end,because I’ll tell you what can be done to avoid this. What’s the problem now? The question of the hour is how does the data being published on the internet affect you? Some people may find out the address of your home.
Some may find out your phone number;No big deal, right? I’ll tell you how this will affect you. This can be used to scam you very easily. Several scams are often seen that are termed asoto Scams. The fraudster would call you and say “Hello, am I speaking with Dhruv Rathee?” And I’d reply, “Yes.” -“Do you live at this address?”I’d say yes. They’d say that they’re calling from such and such bank to confirm whether you’ve received this OTP or not. Now, if they have your name, address,credit card details, you’d think that you can trust this person. Since they already have all the data they might really be calling from the bank. And you’d give them your OTP to “confirm” And they’ll withdraw money from the bank account.
There have been numerous such scams in reality. Where the personal details of the people were used to fool them and fraud them. The real problem with this is that if a scammer has your full name, address and phone number and they talk to you very professionally, it becomes easy to fall for his tricks.
If any person has so many details about you, while talking you’d feel that they are indeed calling from the bank. Otherwise, how would they have known so much? And then you’ll get trapped. This is just one way, friends. In reality, there are numerous ways to scam you using your personal data. Other than this, your personal data may be misused for putting up fake ads. To send spam messages on your phone number.
The useless advertisement messages that you get. Often the hackers sell the data to a big company And those companies use it to fill your phone with spam. Before talking about the solutions, first, let’s look at the data breach of Air India too. In the data breach in Air India the data from 2015 to 2021 has been leaked.
Of more than 4.5 millions of Air India’s customers. Their name, date of birth, contact information, passport information, ticket information, frequent flyer number of Star Alliance or Air India, as well as credit card data has been leaked. About the credit card data, friends,it doesn’t mean that because of this credit card data, these hackers will be able to use your credit card to buy anything online. That doesn’t happen.
Because there is a CVV number at the back of the credit card And this CVV number is not stored in the databases. So you don’t have to worry that any person can make any purchase using your card. But even then, the credit card numbers being leaked is still a huge deal.
As more information leaks,it would make things easier for the scammers and fraudsters to fool you and scam you. Someone might call you to say that your credit card number is so and so and you might believe that they are really from the credit card company. That’s why they know everything. That’s why it becomes easier to fool people.
So the scammers and hackers should have little to no data. Air India has taken some steps as its response. They’ve said that they have secured the compromised servers. They have notified the credit card issuers. What’s important is that it is not the first data leak. In the last few years, countless data leaks have been seen in our country. Of different companies.
Aadhar data was leaked, in 2019, data of Justdial company was leaked, in May 2020, unacademy had a data breach. Big basket, Mobikwik,there have been so many data breaches in India And if we look at it from the perspective of the government, the responsibility of the government, the government has not made any properData Protection Law in India. In the European Union, there exists a very strong GDPR Law.
It is so strong that not only are the companies held accountable whenever there is a data breach but it also directs the companies collecting the data of the people that there should be minimal data collection. It means that only the data that the company absolutely needs can be collected. Any additional data should not be stored in their systems. On top of it, the data being stored should be deleted after a certain amount of time. And even at the request of the customers. But in India, if you want to ask the companies to delete your datafrom their servers, Is it possible to do this? A few companies have put up some options but even they are hidden options. That if you want, you can get your data deleted from their database.
But even then, the companies who have given this option take weeks to do it. Now that we talked about the Government’s responsibility. now the question is, what can you do, friends? To keep your data secure.
First, whenever you’re putting in your data online, try to minimize it. Whenever a website asks for your personal information, you don’t have to give more data than required. You’ve seen those stars, right? You need to put in your full name, email address, sometimes it is optional to give your phone number.
So where it is optional, don’t put it in. You don’t have to give them any more data than is required. Often while filing in your credit card details online there is an option at the bottom of the website ‘Save this credit card information for future purposes.’ Meaning that website will save your credit card details so that when you use that website in the future your credit card information would be easily available on the website and you needn’t type it in again.
Several websites have this option nowadays. Do not choose this option ever. It means that the website will be saving your credit card details. Third, do not use the same passwords while making accounts on different websites. If one website’s data is breached, then the hackers will get your passwords.
And if you’ve used the same password somewhere else it will give the hackers access to the other accounts. If there is a data breach in Facebook, hackers will get to know your Twitter, Instagram and other passwords. That’s why use different passwords. By different passwords, I do not mean that you use 123456Dominos as password for Dominos and 123456 AirIndia for Air India. The hacker isn’t stupid. He can see the pattern. Once he sees that you’ve used 123456Dominos as the password he’ll easily figure out that for Air India you would’ve used 123456AirIndia.
So don’t do this. It’s better to use completely different passwords. The more complex and long the password is it becomes increasingly difficult for hackers to guess. This is why it is better to use password managers. It is in-built in iOS iPad and iPhone. Use that password manager that is suggested by the phone. They suggest very complex and long passwords which have a combination of various letters and symbols. That no person can actually remember.
Fourth, while browsing on the internet always use a VPN to keep your location data secure. Nowadays, many of the websites, if not all, know your location through your IP address. Your IP address reveals your location And these websites often store this data. The country and the region you’re visiting the website from is known to them. VPN hides this. It hides your IP address. In my opinion, the best VPN app is NordVPN. I use it regularly. NordVPN is one of the only VPNs that work even in countries like China.
In China, many websites are blocked. The VPN can help with that as well. It unblocks the blocked websites. Because they are blocked using location data. That is a person tries to access a website from a certain region, then they are blocked. But VPN hides your location. So you can access many of the blocked websites. Generally, with VPNs, you need to check whether the VPN company is collecting your data. Thankfully, it doesn’t happen in NordVPN.
And because NordVPN has sponsored this video there is a big discount for you guys. If you go tonordvpn.com/Dhruv and purchase the 2-year plan, first, you’d get a big discount and then you’ll also get an extra month free And the best thing is that they give a30 days money-back guarantee. You can try for 30 days to see if you don’t like it, they’ll return your money. The link is in the description below.
nordvpn.com/dhruv Moving on to the next point. If you get an SMS saying that ‘the wrong CVV was entered’ or ‘wrong pin entered’then take that SMS seriously. Many people do not take these things seriously. People who respond instantly to a WhatsApp text often ignore important SMSes like this. If this happens, inform your bank and block your card. It means that someone has the rest of your credit card details except for the CVV.
And the CVV should not get into their hands. And it shouldn’t happen that they guess it right either. The next point is one of the most important points If someone calls you to ask for any OTP that you may have received. Saying that they’re calling from the bank or some other place. Do not believe them. Do not share your OTP with anyone. The OTP is for you only. When you go on a website or login OTP is used for that. Any other person will not need the OTP. Never.
Next, whenever you make an account on a website or enter your password often the website asks for security questions. The security questions can be like’What is the name of your pet?’ ‘What is the maiden name of your mother?’ Answers to these questions can be easily found on social media nowadays. So pay attention to these security questions and do not use such answers that can be publicly seen on your social media.
Nowadays people share such information on social media that are the answers to those security questions. Remember this. Other than this, always keep the operating system of your phone and the software of your computer updated to the latest version. The older versions are often lacking or have loopholes, that can be accessed and exploited by hackers. It is easy to follow the next point. Whenever you visit a website check its URL. Does it begin with HTTPS? or only HTTP? The ‘s’ letter is a very important letter.
‘s’ means secure. The websites beginning with HTTP are not secured so you shouldn’t visit them. The websites beginning with HTTPS are secure websites. Even my website begins with HTTPS. Whenever I do anything I try to take all of these into consideration. Like the app that I have,the Dhruv Rathee app, you’d already know the app tries to take as little data from you as possible. If you make an account in the app only your name, email and the password that you decide will be needed.
The app does not ask for your location data. It doesn’t ask for your phone number. Because these are not required. So why should they be collected unnecessarily? The data collection of the people needs to be minimal. As little as needed. And the final tip, friends, that you should always remember, Nothing is free in this world. Many websites collect your data tempting you by being ‘free.’ “Look, you’re getting this for free,come give us your data.”
The biggest example of it is probably Facebook. That collects your data and the data is later sold. So technically those things aren’t free. You’re giving your data to the websites. In return for it being ‘free.’ In the end, friends, I’d like to say that the tips that I gave you do not guarantee that your data will be 100% secure.
But these will definitely help to keep your data safe to a large extent. At the end of the day, it is the Government’s responsibility that they make strong rules and regulations. And on the companies that they behave responsibly with your data. I hope you found this article informative. Let’s meet in the next article. Thank you very much.
indiahero lifestyle 