Zomato breathes a sigh of relief
Zomato reported on Thursday this week that about 17 million user records have been stolen from its database, which included user email addresses and ‘hashed’ passwords. However, this leak didn’t involve any payment information or credit card data.
However, the breach was conducted by an ethical hacker who wanted to expose the vulnerabilities in Zomato’s security features. The ethical hacker has agreed to take off these user details from the dark marketplace and is now working with Zomato to plug any loopholes in its security.
According to a statement on Zomato’s blog, “We are introducing a bug bounty program on Hackerone very soon. With that assurance, the hacker has in turn agreed to destroy all copies of the stolen data and take the data off the dark web marketplace. The marketplace link which was being used to sell the data on the dark web is no longer available.”
Adding to the above statement, it also mentioned that, “This incident has made our team’s commitment to addressing all our security issues in a responsible and timely manner even stronger. We look forward to working more closely with the ethical hacker community, to make Zomato a safer place for our users.”