Zomato’s 17 million accounts hacked, data sold on Dark Web marketplace

By Rob 0

New Delhi: Hackread, a security blog, has claimed that over 17 million accounts of Zomato, an online food search and ordering portal, have been hacked. The report claims that a vendor going by the online handle of “nclay” is claiming to have hacked Zomato and selling the data of its 17 million registered users on a popular Dark Web marketplace.

“The database includes emails and password hashes of Zomato users, while the price set for the whole package is $ 1,001.43 (Bitcoins 0.5587). The vendor also shared a trove of sample data to prove it is legit,” Hackread’s post says.

Zomato acknowledged the breach, but said the data is secure, NDTV reported. The company also claims that no breach of financial information has been found so far. As a security precaution, affected Zomato users have been logged out and their passwords reset.

While assuring wary customers, Zomato put out a statement on Thursday. “The hashed password cannot be converted/decrypted back to plain text – so the sanctity of password is intact in case you use the same password for other services. But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password,” the statement said.

“No payment information or credit card data has been stolen/leaked,” the blog added.

As a precaution, Zomato has reset the passwords for all affected users and logged them out of the app and website.

“Since we have reset the passwords for all affected users and logged them out of the app and website, your zomato account is secure. Your credit card information on Zomato is fully secure, so there’s nothing to worry about there,” the blog stated.

To make their app and website breach-free in future, Zomato has planned to actively plug any more security gaps that are encountered in its systems.

“We’ll be further enhancing security measures for all user information stored within our database. A layer of authorisation will be added for internal teams having access to this data to avoid the possibility of any human breach,” the blog read.

Zomato was founded as ‘Foodiebay’ in 2008 by Deepinder Goyal and Pankaj Chaddah. The online food service reportedly has now expanded to nearly 23 countries across the globe.

First Published: Thu, May 18 2017. 12 30 PM IST

[Source: livemint.com]