Zomato Hacked: Is Data of 17 Million Users Being Sold on the Dark Web?
Zomato Users were in for a shock on the 18th of May after the Food Delivery App Zomato announced that the data of over 17 Million Users on its Network had been Compromised.
Hackread, a Security Blog, has now claimed that a Vendor going by the name “nclay” is said to be behind the hack and is Selling the Data on the Dark Web.
The database includes emails and password hashes of Zomato users, while the price set for the whole package is $1,001.43 (Bitcoins 0.5587). The vendor also shared a trove of sample data to prove it is legit.
The Email-Address and Hashed Passwords were stolen, Zomato Revealed, adding that they had reset the Passwords of the users who have lost the data to the Hack.
'The reason you’re reading this blog post is because of a recent discovery by our Security Team – about 17 Million User Records from our Database were Stolen. The Stolen information has User E-mail Addresses and Hashed Passwords'.-Zomato in a Blog Post said.
But, However, the Zomato Company was quick to inform its users that all Payment Details Attached to the Zomato Accounts are Safe.
Payment related information on Zomato is stored separately from this (Stolen) Data in a highly Secure PCI Data Security Standard (DSS) compliant vault. No Payment Information or Credit Card Data has been Stolen/Leaked.-Zomato in a Blog Post said.
Zomato said that over the next few days, they would work to strengthen their security back-end, which could lead to temporary disruption. The Food Delivery App Zomato has also assured its Users that Passwords cannot be converted to plain text owing to its hashed nature.
Over the next couple of days and weeks, we’ll be actively working to plug any more security gaps that we find in our systems. We regret any disruption this may cause and appreciate your immediate attention to this information.-Zomato in a Blog Post said.
Zomato is the latest in a number of hacks, with the Ransomware Attack still looming at large. The company has not revealed the details of the hackers for now.
Losing out on data of over 17 million Users is not a good sign, especially for a platform which houses over 120 Million Users in the Country.