In one of the biggest security breaches reported in the country, a hacker has hacked Zomato website and got access to the database. The stolen information includes email address and encrypted password of over 1.7 crore users.
The announcement was made public by a website called Hackeread.com, which confirmed the development and added that the hacker operates with username nclay and has access to Zomato database. The hacker has also put the data on sale on one of the websites, demanding around ₹65,000 for it. To prove the data genuine, the hacker has also published a screenshot of the stolen data.
Zomato soon issues a statement which clarified that the hacker did not get access to the payment information stored on the website. The statement stated that the payment information is stored in different servers which are PCI Data Security Standard vaults.
Zomato has assured its users of increased protection and added that the affected users have been sent an email with the link to reset their passwords and old password will not work. Also, they have been logged out of their accounts everywhere. This is to prevent any misuse of the stolen data and to make sure that the users remain unaffected and their data remains safe.
In a blog post, Zomato stated that the reason for possible security breach was a human error and that one of the developers working on the project got his account compromised. The company also confirmed that all the required measures have been taken and it will also look into additional possible measures to increase security over next few weeks.