Zomato, the online restaurant guide and food ordering app, was hacked on Thursday. The company informed the public through its blog, where it attributed the security breach to 'human error'. It seems that one employee's development account was compromised. The company said it logged out the affected users and reset their passwords.
The stolen information contains the emails and the hashed passwords of its customers. In theory, the information may still be safe, but it's advisable to change the passwords. The stolen hashed passwords cannot be decrypted back to plain text, so the passwords themselves remain obscured. The company also assures users that no payment information or credit card data has been stolen, because it stores payment-related data in a highly secure PCI Data Security Standard (DSS) compliant vault.
Zomato gets more than 120 million visits every month. Its users come to it looking for the best food in their city, and they trust the company with their personal information. Security breaches affect any company's reputation. In the future, this incident will reduce the number of users, which in turn will reduce the company's revenue. So in the next few weeks, the company will be working around the clock to close the remaining security loopholes in the system. It will also be enhancing its security measures.
This is not the first time that Zomato has been targeted by hackers. It was also a target in 2015. A white hat hacker revealed details of Zomato and described all the weaknesses and loopholes.
A report mentions that the stolen usernames and passwords are being sold online on the dark web.
Zomato was established in 2008 by Deepinder Goyal and Pankaj Chaddah. The online food service was initially called "Foodiebay". Zomato has been reported to have expanded to nearly 23 countries worldwide. Companies of this kind are the ones being targeted by various hackers and hacker groups. The incident comes barely a week after the WannaCry ransomware paralyzed computers all over the globe. WannaCry also disrupted the operations of large organizations such as Renault, British hospitals and the German railway.