Zomato accounts hacked: Online restaurant search and discovery service app Zomato will be reaching out to 6.6 million users. According to Zomato, user’s passwords are “theoretically decrypted.” The company reported on Thursday that about 17 million user records had been stolen from its database, which included user email addresses and hashed passwords but no payment information or credit card data.
As the ransomware attacks on an all time high, it was a catastrophic event in the history of the Zomato. To ensure that no further damage is caused, Zomato has said it has reset the passwords for all the affected users and has logged them out of its app and website. Report said that Zomato was able to get in touch with the hacker, who had put the stolen user data up for sale on the dark web.
“6.6 million users had password hashes in the ‘leaked’ data, which can be theoretically decrypted using brute force algorithms.” – Zomato said in a blog post.
Zomato also said that it will be introducing a bug bounty program on Hackerone for security researchers very soon, which was the key demand of the hacker. Zomato will also publish details about how the hacker got in once the holes have been plugged.