Zomato reports massive security breach, says 17 million user records stolen

However, the restaurant finder app said that no payment or credit card information has been stolen.

Published: 18th May 2017 11:47 AM  |   Last Updated: 18th May 2017 02:22 PM   |  A+A-

By Online Desk

Restaurant aggregator Zomato said in a blog post Monday morning that about 17 million email addresses and passwords were stolen from its database.

The Gurgaon-based company said no payment or credit card information has been stolen, as that data is stored separately from the stolen user records in a "PCI Data Security Standard (DSS) compliant vault."

Zomato's CTO Gunjan Patidar wrote in the blog post that the security breach did not compromise user passwords, which he said were in encrypted form. The company has "reset the passwords for all affected users and logged them out of the app and website," he wrote.

The company does not seem sure of how the breach happened. Patidar wrote that "some employee’s development account got compromised." He added that the users "paranoid" about security should change their Zomato password if they are using the same elsewhere.


Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on are those of the comment writers alone. They do not represent the views or opinions of or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp