Thursday, March 28, 2024

Zomato’s Massive Data Breach About 17 Million User Record Stolen and Revealed in Dark web

Zomato Reports a massive Data breach that, 17 Million user records were stolen. Zomato over 120 million active users in worldwide and Zomato offers details of best cities to people’s find food orders and Restaurants.

A Security team from Zomoto Discovered this biggest Data breach and reports to their registered users.

According to the report by Zomato, the Stolen data’s contain information’s such as Registered users USERNAME and  Hashed PASSWORD.

since all the password contains encrypted hash format Zomato believe and report that, there is no way to reversed and Decrypt to plain text.

Data’s Disclosed in Darkweb

Hackers Released all the stolen Zomoto users information’s such as username and password into Dark web Market and fix a cost for the whole package of Zomato data for USD 1,001.43 (BTC 0.5587), reports Hackeread

Zomato's Massive Data Breach about 17 Million User Record Stolen and Revealed in Darkweb

(Credit:Hackeread)

In this case Zomoto reports to their users ,”payment related information on Zomato is stored separately from this (stolen) data in a highly secure PCI Data Security Standard (DSS) compliant vault. No payment information or credit card data has been stolen/leaked.

This leaked information contains user names and hashed passwords are registered via both app and website by zomoto users.

According to Hackread analyze the report, revealed email address checked and tried to send a password to reset email to some of the email addresses which is in the leaked sources and its revealed that they are registered with Zomato.

Zomoto reports, “Since we have reset the passwords for all affected users and logged them out of the app and website, your zomato account is secure. Your credit card information on Zomato is fully secure, so there’s nothing to worry about there.”

Also, zomato requested users to change their password for any other services where they are using the same password.

Also Read:

  1. A complete Lookback of Historical Wannacry Ransomware Cyber Attack
  2. Joomla! 3.7.1 is released to address a critical SQL Injection Vulnerability
  3. WordPress 4.7.5 released with patch for Six Major Security Issues Including CSRF & XSS
Website

Latest articles

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to...

Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio

Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles