Zomato believes an insider is responsible for the over 17 million usernames and hashed passwords that were taken by hackers.
User email addresses and hashed passwords are included in the stolen data reads the notice of the company's data breach.
By claiming that hashed passwords are difficult to decode, the business attempted to minimise the situation.
Zomato affirmed that hackers were unable to obtain customer financial information that was kept in a different database and was not compromised in the attack.
Source: https://securityaffairs.com/59221/data-breach/zomato-data-breach.html
"id": "ZOM1935211123",
"linkid": "zomato",
"type": "Data Leak",
"date": "05/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"