Zomato has announced that it has suffered a security breach with over 17 million user records stolen from its database. According to the restaurant search and discovery giant, usernames and hashed passwords were stolen by the attackers.
Zomato assures that the hashed passwords of the users cannot be decrypted or converted back into plain text in any way. Meanwhile, it also encourages users sharing the same password across other platforms to change their passwords for complete security promise. The company also mentioned that no payment information or credit card data has been stolen/leaked as they were stored separately in a PCI Data Security Standard (DSS) compliant vault.
Zomato also said it has reset the passwords for all affected users and logged them out of the app and website. The company now plans to enhance its internal security measures for all user related information stored in its database. It will also add a layer of authorisation for internal teams having access to this data to avoid the possibility of any human breach.