ShellCodeX Breach Report
Zomato Data Breach
zomato.com
Verified breach
Passwords exposed
Accounts exposed
16,472,873
Breach date
17 May 2017
Added to tracker
04 Sep 2017
Data classes
3
What happened
In May 2017, the restaurant guide website Zomato was hacked resulting in the exposure of almost 17 million accounts. The data was consequently redistributed online and contains email addresses, usernames and salted MD5 hashes of passwords (the password hash was not present on all accounts). This data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.
Exposed data
Email addresses
Passwords
Usernames
Recommended actions
- Change your Zomato password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Zomato โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP