Zomato reveals that 17 million of its user IDs and hashed passwords have been stolen

Foodtech major  Zomato disclosed  on their official blog that about 17 million user records, including email IDs and hashed passwords, have been compromised from their database, in a massive data breach. They, however, assured their users that no payment information or credit card data was stolen in this leak.

Here is an excerpt from the blog post, written by Zomato CTO Gunjan Patidar: 

“The reason you’re reading this blog post is because of a recent discovery by our security team – about 17 million user records from our database were stolen. The stolen information has user email addresses and hashed passwords.

The hashed password cannot be converted/decrypted back to plain text – so the sanctity of your password is intact in case you use the same password for other services. But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.

Payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS)-compliant vault. No payment information or credit card data has been stolen/leaked.

While the leaked passwords were hashed, in the wake of the various data breaches that are being reported around the world, it is strongly recommended that you firstly change your passwords in order to shield yourself from data breaches in internet companies, and secondly, update your Windows OS, get a good security app, back up your data,  and steer clear of unknown sites and emails from unknown sources, in order to protect yourself from ransomware.