Hack on Zomato Enables Theft of Data Belonging to over 17m Consumers

Food technology company Zomato recently encountered one security hack when more than 17m user records were seized. The stolen data consisted of customers' hashed passwords and e-mail ids.

Hackread.com reports that an end-user whose name is 'nclay' asserted that he hacked Zomato while agreeably would sell the data belonging to the 17m-or-so registered consumers at one widely visited Dark Web trading zone.

In the opinion of cyber security specialists, Zomato very lucidly didn't have a technique for safeguarding client data against undesirable entities. Business-standard.com posted this, May 19, 2017.

Cyber security advisor Sajal Thomas with PwC asserted in a tweet message about him examining a sample of the data getting traded in the underground only to find that Zomato hashed client passwords with the aid of MD5. MD5 isn't either encoding or encryption, while is understood to be deciphered without any difficulty in attacks because it has major security flaws.

The function of hashing is to convert a password into a series of characters difficult to understand so that it becomes nearly impossible to convert it into its original text. Moreover, the passwords belonging to Zomato's 120m consumers have been said to be 'salted' too, in which characters are randomly prefixed to the hashed passwords that make them unintelligible no matter whether the hashes are translated.

In its most sincere way Zomato has apologized for the hack, although the branded company as well tried to mitigate the attack's impact. Albeit clients' logins and e-mails got leaked, their passwords that were captured had been hashed. Fortunately also, there occurred no theft of payment information. Even then the company, to be cautious, made fresh passwords to replace the old belonging to all affected consumers as well as emphasized that consumers should reset their passwords they maybe using in other services as well to avoid taking any chance. The company had then held one internal security hack responsible for the compromise.

One can say that the hacking attack on Zomato mayn't be described as one harmful one else that is what it appears at the moment; however, it isn't either the first big security breach the country has witnessed.

» SPAMfighter News - 5/23/2017