
Hacker steals 17M users' data from restaurant app Zomato - schnell
http://www.dailymail.co.uk/sciencetech/article-4518060/Hackers-steal-17-million-users-data-Indian-restaurant-app-Zomato.html
======
yashendra2797
To clarify, the hacker was actually a researcher who put the data online to
draw Zomato's attention of a vulnerability he'd disclosed to them more than a
year ago.

Here's the more interesting part: As per some sources the data used MD5 with a
2(!) character salt.

EDIT: Here's some more info from Zomato's side:
[http://blog.zomato.com/post/160986258541/security-update-
wha...](http://blog.zomato.com/post/160986258541/security-update-what-really-
happened-and-what)

~~~
ben_jones
_In hindsight, what helped us contain the extent of the breach?_

You didn't contain a breach. You're security was a joke.

------
sealord
It was clarified later that the "hacker" was a security professional who put
up all that data on the Dark Web to draw Zomato's attention to loopholes in
its systems.

[http://blog.zomato.com/post/160986258541/security-update-
wha...](http://blog.zomato.com/post/160986258541/security-update-what-really-
happened-and-what\(http://blog.zomato.com/post/160986258541/security-update-
what-really-happened-and-what\))

Edit - Turns out the OP's article mentions the same thing. Might as well
confess a personal bias - every time I see a Daily Mail article, I can't help
but think about how they served as a Nazi mouthpiece for years before the war,
so _all_ their stuff's got to be inaccurate/biased.

~~~
tenkabuto
> [Daily Mail] served as a Nazi mouthpiece for years before the war

> [Therefore,] all their stuff's got to be inaccurate/biased.

That conclusion doesn't really follow from the premise.

~~~
wand3r
I agree, but as someone who hates daily mail because I don't find it credible
nor to have much depth; it does speak them being historically pretty shit as
wel

~~~
Natsu
If you want some more historical fun, go back and look up which newspapers
were supportive of Japanese internment :)

