Tuesday, 11 September 2012
According to reports, hackers used the SQL injection method and remote file inclusion to attack Domino's website. It's notable that the remote file inclusion is one of the most common methods used by hackers to breach web databases. With this method, database of a website is tricked into disclosing data that should have been hidden by ‘injecting’ certain commands.
Details of about 37,000 accounts including names, contacts, passwords and other information of Domino's customers were leaked online after the official Indian website of the popular pizza retailer was hacked by a Turkish team that calls itself Ajan Hacker Group.
“Once hacked, all the website can do is fortify its webserver and make some configuration changes that are not too costly. But it’s very hard to absolutely secure a website from the numerous attack tools available,” Govind Rammurthy, managing director and chief executive of eScan, is quoted as saying by Business Standard.
It's not the first time an Indian website has fallen prey to the hackers. Earlier, a number of websites including those of the government, political parties and private companies have suffered major defacement. It may be recalled that notorious hackers group Anonymous conducted a spate of attacks on the Indian websites to protest the blocking of file sharing websites such as Daily Motion, Pastebin, Vimeo, The Pirate Bay, and others. Recently, Yahoo and LinkedIn also suffered major data breaches.
