Zomato Hacked but Millions of Users Passwords are Safe – On Wednesday, restaurant searches and discovered giant Zomato announced that 17 million user records stolen from its database. Zomato in a blog post said that account information included name, email address and hashed password of millions of users compromised.
Zomato Hacked but Millions of Users Passwords are Safe
Total 120 million users had in the country.The company stated that this is the second major breach of its system in the past two years. Zomato in a blog post said that changing your password on the platform would be a prudent move. Across multiple sites Using the same passwords is a bad idea, anywhere if you do that please change your passwords and get a password manager.
The company said that no payment information or credit card data had stolen. Also stated that “We can also confirm that we have found no evidence. Whatsoever of any of Zomato’s other systems or products being affected.”
According to reports, in 2015, the company hacked by a white hat hacker. Who stated the details to Zomato, which addressed the weakness.
Hacked Passwords – hashed:
In the blog post, the company said that “As a precaution, we have reset the passwords for all affected users and logged them out of the app and website. Scanning all possible breach vectors actively by our team and closing any gaps in our environment. So far, it looks like an internal security breach. Some employee’s development account got compromised”.
Users hashed passwords cannot decrypt or converted back into plaintext in any way. On Zomato the payment related information ‘stored separately’ in a highly secure PCI Data security standard(DSS) vault.
No credit card details payment information or had been stolen/leaked, it asserted. Zomato also stated that “Over the next couple of days, systems we’ll be actively working to improve systems. Within our database, we’ll be further enhancing security measures for all user information stored, and for internal teams having access to this data and will also add a layer of authorization to avoid any humans breach”.