Zomato reveals that 17 million of its user IDs and hashed passwords have been stolen

 

Foodtech major  Zomato disclosed  on their official blog that about 17 million user records, including email IDs and hashed passwords, have been compromised from their database, in a massive data breach. They, however, assured their users that no payment information or credit card data was stolen in this leak.

Here is an excerpt from the blog post, written by Zomato CTO Gunjan Patidar: 

“The reason you’re reading this blog post is because of a recent discovery by our security team – about 17 million user records from our database were stolen. The stolen information has user email addresses and hashed passwords.

The hashed password cannot be converted/decrypted back to plain text – so the sanctity of your password is intact in case you use the same password for other services. But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.

Payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS)-compliant vault. No payment information or credit card data has been stolen/leaked.

As a precaution, we have reset the passwords for all affected users and logged them out of the app and website. Our team is actively scanning all possible breach vectors and closing any gaps in our environment. So far, it looks like an internal (human) security breach – some employee’s development account got compromised.”

The blog post also went on to detail how Zomato plans to cope with the crisis. “Over the next couple of days and weeks, we’ll be actively working to plug any more security gaps that we find in our systems. We’ll be further enhancing security measures for all user information stored within our database. A layer of authorisation will be added for internal teams having access to this data to avoid the possibility of any human breach,” detailed Patidar.

While the leaked passwords were hashed, in the wake of the various data breaches that are being reported around the world, it is strongly recommended that you firstly change your passwords in order to shield yourself from data breaches in internet companies, and secondly, update your Windows OS, get a good security app, back up your data,  and steer clear of unknown sites and emails from unknown sources, in order to protect yourself from ransomware.

Shoot

Trending News

Xiaomi pumps Rs 3,500 crore into India business

BlackBuck's out to raise $150M in new round, valuation likely to jump to $800 M

With $21 Billion, Azim Premji among world’s top philanthropists

Google agreed on a $45M exit package for India-origin exec accused of sex abuse

HSBC pegs Zomato's valuation at $3.6 billion ahead of Swiggy

PayU in talks to acquire online payments firm Wibmo for $60M

Quikr close to acquiring refurbished goods marketplace Zefo in all-stock deal

What life looks like after a layoff from an IT company

General Atlantic & Tencent pump in another Rs 80 Cr in ed-tech unicorn Byju's

US Senator Warren vows to break up Amazon, Facebook, Google

SoftBank extends tech reach with $5B Latin American fund

Coverfox hits the market to raise $50M in new financing round

Cognizant faces US lawsuit alleging discrimination

China's Huawei sues US over federal ban on using its products

Germany's Delivery Hero acquires Zomato's UAE biz, invests in India ops

Ahead of deadline, debate rages on e-commerce policy

Flipkart rejigs reporting of Myntra-Jabong head Amar Nagaram

Grofers raises fresh funds from existing investors, valuation hits $425M

Sachin Bansal invests Rs 250 Cr each in NBFCs Altico & IndoStar: Report

I-bank Wolet files $800k suit over Flipkart’s Upstream buy

Flipkart FY18 revenue up 50%, but losses grow 5x

Pine Labs in talks to acquire Amazon-backed Qwikcilver for $100M

India can become 2nd largest 5G market in 10 years: Huawei

Alibaba rival Pinduoduo seeks to raise $1.5B

Twitter Q4 revenue grows to $909M as video ad sales surge

Mukesh Ambani to invest $1.4B in West Bengal, will help e-commerce expansion

Etail may lose Rs 40,000 crore, retail to get a 3rd of it

Steadview Capital invests $74M in Ola valuing it at around $6B

Byju’s ups revenue to Rs 490 cr in FY 18, losses drop by half

Agritech startups Sabziwala and LivLush merge their business under new entity Kamatan

Avail Finance lands $17.2M from Matrix Partners & Ola, Freecharge and Flipkart founders

RBI suggests tax sops, self-regulation to build fintech space

Swiggy hires new CEO for its Access Service, gets new CFO

Logistics company Delhivery registers 44% increase in FY17 revenues

WeWork to acquire one of the oldest social networks, Meetup

Qualcomm rejects Broadcom's $103 billion offer

EasyRewardz gets $2 million Series-A funding

'Anemic' iPhone 8 demand drags Apple shares lower

Lending platform Lenden Club gets Rs 3.5cr in Equity Investment

On festive sales, Flipkart says 65% clients from Tier-II cities