Leading online restaurant discovery and food ordering company Zomato claims the hack of 17 million user records from its database. The information stolen by the hackers include user email addresses and encrypted passwords.
Zomato mentioned that the stolen information, email ids, and passwords, have been encrypted by the company. Which means it cannot be easily converted into plain text by the hackers. The company further declared that the payment and other financial details had not been stolen.
“We, however, strongly advise you to change your password for any other services where you are using the same password. As a precaution, we had also reset all the passwords for all affected users and logged them out of the app and website. Our team is actively scanning all possible breach vectors and closing any gaps in our environment. So far, it looks like an internal (human) security breach — some employee’s development account got compromised,” the company said in a blog post.
Zomato’s founder Deepinder Goyal took up his Twitter account and declared that about 60 per cent of its clients uses third-party services. Logging in through these third-party services like Google and Facebook reduces the hacking risk to zero.
Zomato has over 120 million active users every month, was also hacked by an ethical hacker earlier in 2015.
“Most companies in India follow ethical hacking or penetration testing wherein they enter their own system to find a malware. But instead of doing that, Chakrabarty said the companies should be focusing on strengthening their team with more cyber security analysts, who can analyze the pattern of attack or a particular malware’s behavior.” said, Pradipto Chakrabarty, Regional Director at CompTIA India, a global tech association.
Also, he suggested that the users should be more careful and should not store any card details or password on any app.
For more Technology News & Updates Follow TFLive