Zomato, an online food delivery service platform, suffered from a massive cyber attack that led to theft of data of 17 million registered users along with their hashed passwords.
According to Zomato officials, since the passwords are hashed, there is no risk of them being decrypted into the text format by the hackers. However according to the experts, it is not absolutely impossible to get into the hashing algorithm. There have been cases where hackers have been able to break the algorithm and successfully gain access to passwords which has worked in the past.
Zomato says it has already reset all the passwords and other data that is brought in the public domain. Zomato has also logged out each of its user from the company’s online platforms; app and website. Also, the payment details and credit card/debit card information that the users have put online were claimed to be safe by the company, it is only the email addresses and hashed passwords that have been hacked.
The company says it uses a different platform, a different database for storing the payment related information which is in a PCI Data Security Standard (DSS) compliant vault.
It is not the first time that Zomato’s system has been hacked. Back in 2015 also, the data was stolen which the hacker later returned to the company but this time the data has gone online. The stolen data is being offered for $1 thousand US dollars. Hackers have also shared proof of it being authentic, original and not forged.