Friday, November 8, 2024
HomeData BreachZomato's Massive Data Breach About 17 Million User Record Stolen and Revealed...

Zomato’s Massive Data Breach About 17 Million User Record Stolen and Revealed in Dark web

Published on

Malware protection

Zomato Reports a massive Data breach that, 17 Million user records were stolen. Zomato over 120 million active users in worldwide and Zomato offers details of best cities to people’s find food orders and Restaurants.

A Security team from Zomoto Discovered this biggest Data breach and reports to their registered users.

According to the report by Zomato, the Stolen data’s contain information’s such as Registered users USERNAME and  Hashed PASSWORD.

- Advertisement - SIEM as a Service

since all the password contains encrypted hash format Zomato believe and report that, there is no way to reversed and Decrypt to plain text.

Data’s Disclosed in Darkweb

Hackers Released all the stolen Zomoto users information’s such as username and password into Dark web Market and fix a cost for the whole package of Zomato data for USD 1,001.43 (BTC 0.5587), reports Hackeread

Zomato's Massive Data Breach about 17 Million User Record Stolen and Revealed in Darkweb

(Credit:Hackeread)

In this case Zomoto reports to their users ,”payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS) compliant vault. No payment information or credit card data has been stolen/leaked.

This leaked information contains user names and hashed passwords are registered via both app and website by zomoto users.

According to Hackread analyze the report, revealed email address checked and tried to send a password to reset email to some of the email addresses which is in the leaked sources and its revealed that they are registered with Zomato.

Zomoto reports, “Since we have reset the passwords for all affected users and logged them out of the app and website, your zomato account is secure. Your credit card information on Zomato is fully secure, so there’s nothing to worry about there.”

Also, zomato requested users to change their password for any other services where they are using the same password.

Also Read:

  1. A complete Lookback of Historical Wannacry Ransomware Cyber Attack
  2. Joomla! 3.7.1 is released to address a critical SQL Injection Vulnerability
  3. WordPress 4.7.5 released with patch for Six Major Security Issues Including CSRF & XSS
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability...

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP...

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects...

Researchers Detailed Credential Abuse Cycle

The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Threat Actor IntelBroker Claims Leak of Nokia’s Source Code

The threat actor known as IntelBroker, in collaboration with EnergyWeaponUser, has claimed responsibility for...

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a...

Grayscale Investments Data Breach Exposes 693K User Records Reportedly Affected

Grayscale Investments, a prominent crypto asset manager, has reportedly suffered a data breach affecting...