17 Million Zomato User Records Stolen; Payment Details Safe, Company Says

Zomato gets hacked; 17 million user account details stolen.

Shubhada Kale @Shubhada93

18 May 2017, 01:49 PM IST

Zomato has a new challenge on its hands. (Photo: Zomato)

Online food delivery and restaurant search service Zomato disclosed that information of close to 17 million user accounts has been stolen in a security breach.

The service provider’s Chief Technical Officer Gunjan Patidar, who wrote about the incident on the company’s blog, said no financial details were at risk.

Payment-related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS) compliant vault. No payment information or credit card data has been stolen/leaked.

Gunjan Patidar, Chief Technical Officer, Zomato

The stolen information includes the users’ email addresses and hashed passwords. A hashed password cannot be converted or decrypted to plain text and will remain safe, Patidar said. However, he advised those using the same password across other platforms to change it. Zomato has logged out affected users and reset their passwords as a precautionary measure.

Disclosure on the recent @zomato user database leak, what it means for you and why you need not panic - https://t.co/iWAgSxwsJv
— Gunjan Patidar (@gunjan2307) May 18, 2017

Zomato founder Deepinder Goyal, while retweeting Patidar’s blog post, promised a thorough investigation into the matter.

Important disclosure - https://t.co/sI2X8wvHgm - we are investigating this and will keep you posted. https://t.co/nYgnwoaPqF
— Deepinder Goyal (@deepigoyal) May 18, 2017

The statements came after news broke on Twitter that account details had been hacked.

Patidar said the company would work actively on plugging any security breaches in the system. In addition, they would enhance the security measures and add another layer of authorisation for internal teams who have access to data to avoid any human breach.