It wasn't immediately clear whether this 6.6 million was part of the 17 million records stolen.
"So far, it looks like an internal (human) security breach - some employee's development account got compromised", the company said in a blog post, without providing further details.
The company was also careful to say that the data was not hacked or stolen but compromised.
According to information shared on Hackeread.com, a user by the name of "nclay" claimed to have hacked Zomato.
Malaysia's growth quickens, beating forecasts
BNM said in March it expected economic growth for the whole year to be between 4.3 and 4.8 percent, but the Q1 results gave it reasons to be more optimistic.
They went onto say that they were working to improve security and that they would be "actively working to plug any more security gaps that we find in our systems" in the coming days and weeks. His/her key request was that we run a healthy bug bounty program for security researchers.
Following the events, Zomato is going to announce a bug bounty program on Hackerone.
Close to 120 million users visit the Zomato website for queries and ordering of food.
Andre Stewart, VP EMEA at Netskope, warned that data breaches of this sort can often create a risky domino effect of further breaches. MediaNama was not able to independently verify this. "Along with this, the MD5 hashing algorithm is outdated and has been superseded by more cryptographically secure hashing algorithms". This put users at risk since the encrypted passwords stored on Zomato's database can be converted into readable formats easily.
United States envoy vows to call out countries backing North Korea
It said this was a test of its capability to carry a "large-size heavy nuclear warhead", drawing Security Council condemnation. Ties between the countries have plunged over the deployment in South Korea of a USA missile defense system called THAAD .
Zomato has assured its users that their payment related information on Zomato is stored separately from this stolen data in a highly secure data security standard (DSS) compliant vault, and no payment information or credit card data has been stolen by the hackers. "Your payment information is absolutely safe and there's no need to panic", Zomato said in a statement.
Zomato said that no money has passed hands and that it has been in communication with the hacker.
The above cryptographic method is required to help reduce the effectiveness of a brute-force attack or dictionary attack - a password cracking method which matches every bit of the password with a random alphabet/character/number until the entire text of the password is matched. The hacker also provided all the details on the way he or she got access to the database.
"Technically what they are saying is correct, i.e. a hashed password can not be decrypted, but what they aren't saying is - it is technically possible to break the hashing algorithm to guess the passwords". We are yet to hear back from them.
Federal Bureau of Investigation chief James Comey's firing highlights Donald Trump media team chaos
It was the first time that Trump had explicitly tied the Russian Federation probe to his rationale for firing Comey. It was with this highly questionable backdrop that Trump fired Comey on Tuesday night.
- United States senators probe Donald Trump official on special counsel, Federal Bureau of Investigation firing
- Celtics outlast Wizards in Game 7, advance to Eastern Conference finals
- The Cavaliers will play the Boston Celtics in the Eastern finals
- Chipotle Mexican Grill, Inc. (CMG) Stock Rating Reaffirmed by Jefferies Group LLC
- Brazil leader denies report he endorsed bribing ex-lawmaker
- Ordered released from prison, man faces removal
- Trump Campaign Had Over a Dozen Secret Conversations With Russian Officials
- Phil Kessel scores, Penguins shut out Senators in Game 2
- Just Eat faces competition probe into Hungryhouse takeover
- US Republican lawmakers begin to distance from Trump