Zomato hacked! 17 million user records stolen; hackers ask for payment in bitcoins
May 18, 2017, 12:31 IST
A user by the name of ‘nclay’ has claimed to hack India’s online food delivery app Zomato. The security breach saw more than 17 million user records stolen from Zomato’s database.
The stolen information has email addresses and hashed passwords of customers.
As per Hackeread.com, nclay is willing to sell data pertaining to 17 million registered users on a popular Dark Web marketplace with the price set for the whole package at $1,001.43 (0.5587 bitcoins).
Hashing turns an original password into an incoherent set of characters, bringing down the possibility of it being easily converted back to plain text. Although in theory the password may still be safe, Zomato is encouraging its users to change that password if used for any other services.
“Payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS) compliant vault,” Zomato stated in its blog.
“Since we have reset the passwords, affected users' zomato account as well as credit card information is secure, so there is nothing to worry about there,” the blog read.
Zomato has termed the hacking a human error as the cause of the security breach where an employee's development account got compromised.
Advertisement
The stolen information has email addresses and hashed passwords of customers.
As per Hackeread.com, nclay is willing to sell data pertaining to 17 million registered users on a popular Dark Web marketplace with the price set for the whole package at $1,001.43 (0.5587 bitcoins).
Hashing turns an original password into an incoherent set of characters, bringing down the possibility of it being easily converted back to plain text. Although in theory the password may still be safe, Zomato is encouraging its users to change that password if used for any other services.
“Payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS) compliant vault,” Zomato stated in its blog.
Advertisement
Zomato has termed the hacking a human error as the cause of the security breach where an employee's development account got compromised.