- Zomato says that all affected users' passwords have been reset.
- Hacker claiming to be responsible for the hack warns selling the data on dark web.
- Zomato says it’s an internal (human) security breach.
Zomato has disclosed in a blogpost that its security team discovered a breach that has compromised 17 million user accounts. 17 million user records were stolen and the information includes email addresses and hashed passwords.
"We hash passwords with a one-way hashing algorithm, with multiple hashing iterations and individual salt per password. This means your password cannot be easily converted back to plain text. We however, strongly advise you to change your password for any other services where you are using the same password," Gunjan Patidar of Zomato writes.
Zomato says that all affected users' passwords have been reset and they have been logged out of the app as well as website. It mentions that the credit card information on Zomato is fully secure.
Zomato says it’s an internal (human) security breach, which means some employee’s development account got compromised. And, it is now planning to add a layer of authorisation for internal teams having access to this data.
Going by a report by The Economic Times, citing Hackeread.com, a user named nclay claiming to be responsible for the hack warns selling the data on dark web marketplace.
Last Updated 31, Mar 2018, 6:32 PM