May 18, 2017, India
Yes, you heard it right. Zomato hacked and peeps there is a security breach which has taken place. Were you amongst those who opened Zomato yesterday and faced the issue of the page not getting loaded?
Yes?
You probably surfed the site when Zomato was getting hacked.
[Update]
Team Zomato has addressed the issue and stated, “The hacker has been very cooperative with us. He/she wanted us to acknowledge security vulnerabilities in our system and work with the ethical hacker community to plug the gaps. His/her key request was that we run a healthy bug bounty program for security researchers. Please note that only 5 data points were exposed – user IDs, Names, Usernames, Email addresses, and Password Hashes with salt. No other information was exposed to anyone (we have a copy of the ‘leaked’ database with us). Your payment information is absolutely safe, and there’s no need to panic.”
Zomato has admitted on May 18, 2017, that there was a major security breach with the system.Over 17 million user records stolen out of the company’s 120 million user data. The stolen information has email addresses and hashed passwords of the customers.
A user by the name of “nclay” claimed to have hacked Zomato and was willing to sell data pertaining to 17 million registered users on a popular Dark Web marketplace, according to Hackeread.com.
Although the company claimed that the passwords were encrypted which means that they will be very hard to access.Not to forget such troves of data eventually get cracked.
So peeps, a sensible move at your end would be to change your Zomato password right away. Also change it on any site where you use the same passwords.
Coming back to the incident of Zomato hacked, the company disclosed the information in a blog post, where the company explicitly mentioned that all payment data is stored separately from the stolen data and no payment information or credit card data has been stolen.
In an emailed statement, the company added that All payment information on Zomato is stored in a highly secure PCI Data Security Standard (DSS) compliant vault. The company also said, that,”We can also confirm that we have found no evidence whatsoever of any of Zomato’s other systems or products being affected.”
Not to forget, this is not the first time Zomato is a victim of this attack.Back in 2015, Zomato hacked incidents were all over the place. A white hat hacker had hacked then.