|
?:reviewBody
|
-
The India-based restaurant review web site Zomato revealed on 18 May 2017 that it had been the victim of a cyber attack compromising data for millions of users. Zomato founder Deepinder Goyal and chief technology officer, Gunjan Patidar, detailed the nature of the attack in a blog post on 23 May 2017: Five days earlier, Patidar said in another post that users' credit card and payment information had not been affected by the data breach. The party responsible for the attack said in an interview that they reported a vulnerability in the company's infrastructure to Zomato after discovering it in 2016 but did not get the response, saying, It does not justify the pain I caused to them, but it is a reason. The hacker also reportedly posted the data for sale on a dark web site, alongside a sample of around 50 accounts. The tech blog Motherboard confirmed that the data was likely legitimately connected to Zomato users, since it could not create new accounts on the site using the email addresses listed on the sample. According to Goyal and Patidar, the hacker grabbed information belonging to a developer that was leaked online as a result of a separate breach against the Lithuanian company 000WebHost in October 2015. But Patidar later described the hacker as very cooperative: According to Patidar, the hacker agreed to destroy all copies of the stolen data and take the data off the dark web marketplace in exchange for Zomato introducing a bug bounty program, through which it can reward users who point out security vulnerabilities in their website. He and Gupta also said that they would collaborate with other Indian online companies on improving their security capabilities.
(en)
|
![[This page as RDF]](http://data.gesis.org/claimskg/static/rdf-icon.gif){kind=icon}