India’s largest online restaurant online restaurant discovery and food delivery service Zomato has disclosed that about 17 million user records has been stolen from its database.
The database includes emails and password hashes of registered Zomato users while the price set for the whole package is USD 1,001.43 (BTC 0.5587). The vendor also shared a trove of sample data to prove that the data is legit, says a post by Hackread.
Zomato said it has reset the passwords for all affected users and have logged them out of the app and website. While the leaked passwords were hashed, it is recommended to change your password for any other services in case you have reused it.
Our team is actively scanning all possible breach vectors and closing any gaps in our environment. So far, it looks like an internal security breach some employee’s development account got compromised Zomato CTO Gunjan Patidar said in an official blogpost.
Patidar said they will be actively working to plug any more security gaps that they find in their systems over the next couple of days and weeks.
We’ll be further enhancing security measures for all user information stored within our database. A layer of authorization will be added for internal teams having access to this data to avoid the possibility of any human breach.