Home Food delivering startup, Zomato has suffered a security breach with over 17 million user records stolen from the food-tech company’s database. The stolen information contains user email addresses and ‘hashed’ passwords but no payment information or credit card data has been stolen/leaked, Zomato said in a blog post on its website.
However, the company assured customers that their payment and credit card data are safe. Zomato mentioned in their blog, ” The hashed password cannot be converted/decrypted back to plain text – so the sanctity of your password is intact in case you use the same password for other services. But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.”
According to HackRead.com, a user going by the online name of “nclay” has claimed to have hacked Zomato. It further said the user is selling the stolen data on a Dark Web marketplace. The data includes emails and password hashes of registered Zomato users while the price set for the whole package is USD 1,001.43 (BTC 0.5587). BTC refers to bitcoins.
The companies have also mentioned that no payment information regarding Credit Card and Debit Card has been stolen or hacked as they told in PCI Data Security Standards (DSS).
The news just came after the outbreak of Wanna Dyceptor Ramsonware malware threatening the world. It might also be one of the breaches regarding the malware.
Zomato is an online & mobile restaurant search & discovery service providing in-depth information for over 1.4mn restaurants in 23 countries and has over 120 million users visit its site every month.
The online food aggregator has asked to reset passwords for all affected users and logged them out of its app and website and all of the user accounts were secure and encourages their users to change the password for any other services where they were using the same password. Read more about Indian Startup Ecosystem.