Sci-tech

17 million Zomato user records stolen in security breach

17 million Zomato user records stolen in security breach

According to the blogpost, the very cooperative ethical hacker just wanted to acknowledge the vulnerabilities in Zomato's security system.

"In fact, this is the probable reason why Facebook CEO Mark Zuckerberg's Twitter and Pinterest account was also compromised in 2016 as he apparently was using the same password as his LinkedIn account whose password became public after the hack", Modi told IANS.

"So far, it looks like an internal (human) security breach - some employee's development account got compromised", the company said in an official blog post explaining the breach.

The good news is that the hackers have agreed to pull the listing from the market provided the platform runs a "healthy bug program for security researchers".

"We are introducing a bug bounty program on Hackerone very soon. The vendor also shared a trove of sample data to prove that the data is legit", the report said. However, the absolute delight that foodies are, Zomato users have absolutely different concerns, most of which are their food-related inhibitions. "Along with this, the MD5 hashing algorithm is outdated and has been superseded by more cryptographically secure hashing algorithms". "We don't have passwords for these accounts - therefore, these users are at zero risk", Goyal tweeted.

About 6.6 million users had password hashes in the leaked data and only five data points were exposed - user IDs, Names, Usernames, Email addresses, and Password Hashes with salt. "Your payment information is absolutely safe, and there's no need to panic", said the late night update. This included e-mails and hashed passwords. This isn't the first time though, as previously, an Indian hacker named Anand Prakash had hacked into the database to show the flaws and that was acknowledged by Zomato, with the measures taken to seal the loophole.

The above cryptographic method is required to help reduce the effectiveness of a brute-force attack or dictionary attack - a password cracking method which matches every bit of the password with a random alphabet/character/number until the entire text of the password is matched.

"Technically what they are saying is correct, i.e. a hashed password can not be decrypted, but what they aren't saying is - it is technically possible to break the hashing algorithm to guess the passwords". If this is the case, then there is a possibility that a hacker can gain access to the salt value, allowing them to easily decrypt the hash and get the password. We are yet to hear back from them.


  • Trump takes heat for sharing intel with Russians, but defends move

    Tillerson said Trump discussed a range of subjects, including "common efforts and threats regarding counter-terrorism". McMaster coming to the White House briefing room to repeatedly say the President's actions were "wholly appropriate".

    More and more people are betting on a Trump impeachment

    The call for impeachment would mean that the House of Representatives would have to vote in a majority to impeach the president. In a press conference yesterday, Mr Green accused The President of putting America's democracy at risk.

    Colgate-Palmolive Company (CL) Stake Cut by Courier Capital LLC

    Finally, Norway Savings Bank acquired a new position in Colgate-Palmolive Company during the fourth quarter valued at $110,000. State of New Jersey Common Pension Fund D raised its position in Colgate-Palmolive Company by 43.8% in the third quarter.
  • Google Pixel 2 Specs, Price, and Release Date Rumors Roundup

    In that case, it will be the Google Pixel 2 XL (walleye) that will be competing against the Galaxy S8 Plus and iPhone 8. At present, there are no images for the Google Pixel 2 , but they might follow Apple's lead of removing wired headset.

    Corbyn: Labour won´t hit £80000 earners with immediate income tax hike

    He suggested winning 200 seats - almost 30 fewer than in 2015 - would be a "successful" result for Mr Corbyn. But he did not appear to be expecting a Labour government: "The scale of the task is vast ".

    Microsoft reportedly held back WannaCry patch for older Windows versions

    He told the BBC the act was "unprecedented in its scale" and warned more people could find themselves affected on Monday morning. It was "too early to say" what the overall cost of the attack to public coffers would be, he said.
  • Harry Styles steps in to host Corden's "Late Late Show"

    It all seems so far away right now, but I really can't wait to see what's going to happen next year. We will keep you posted on more updates about The Grammys throughout the year.

    Flynn reportedly told Trump's transition team about investigation before inauguration

    In response, President Trump made a decision to give him one of the most sensitive jobs in the US government. Flynn's disclosure, on January 4, was first made to the transition team's chief lawyer, Donald F.

    STORM LATEST: Walker says damage worst he's seen as governor

    Danny Ringer, with the Elk City Fire Department, said, "We have approximately 50 to 75 homes that were damaged". Amazingly, the infant grandson escaped with just a couple of scratches, he said.
  • Google I/O 2017 developer conference: 3 key takeaways

    Apparently, the search engine giant wants to personalize actions and content such that they suit each user in different scenarios. One of the standout features is picture-in-picture, which lets you continue watching video content while using other apps.

    Multiple Congressional Committees Want Comey's FBI Memos And Testimony

    We have an obligation to carry out our oversight, regardless of which party is in the White House. "Everybody thinks so. And again, we have to get back to working our country properly so that we can take care of the problems that we have".

    Eastern Conference Finals Guide: Cleveland Cavaliers vs. Boston Celtics

    Bradley Beal led the Wizards , which was playing it its first Game 7 since 1979 with 38 points, including 24 in the second half. The Wizards' best season in almost four decades came to a close on Monday night in a 115-105 loss to the Celtics in Boston .