A hacker has stolen the names and email addresses of 17 million Zomato users around the world, the restaurant and food delivery app has announced.
The massive data breach also included encrypted passwords, but no financial information, the India-based firm’s chief technology officer Gunjan Patidar said in a statement.
Zomato boasts 120 million monthly users and operates in 24 countries, including Qatar.
It is unclear how many of Qatar’s roughly 200,000 monthly users were affected. Officials asked by Doha News declined to comment about this.
However, in an email, Qatar country manager Amith Sequeira said, “Our users’ data is safe and secure, now. We will share an official statement along with our learnings, shortly.”
Following the breach, the hacker apparently put the user data up for sale online. But he/she then took it down after speaking to Zomato reps, Patidar said.
Because the majority of users have linked their Zomato accounts to Facebook and Google logins, they should not be affected by the hack, he added.
60% of users use Goog/FB for logging in to Zomato. We don’t have passwds for these accounts – therefore, these users are at zero risk.
— Deepinder Goyal (@deepigoyal) May 18, 2017
Some 6.6 million users with standalone accounts however have been sent emails to reset their passwords.
The company has now pledged to plug its security vulnerabilities and work with the “ethical hacker community” to ensure the app remains a safe space for all users.
“There’s no need to panic,” Patidar said.
Were you affected by the hack? Thoughts?