On May 18, almost 17 million Zomato accounts were hacked. Soon after the hack, the online food delivery application accepted that 17 million were records from its database, which includes – names, emails, numeric user IDs, usernames, and password hashes were hacked. However, the company later in the day stated that no payment information or credit card data were leaked. It has been over a week after the hacking incident took place, and now Zomato explains on how the user’s information from their database were leaked.Zomato in a blogpost says, “Since we hope no other company faces a breach like we did, we wanted to share our learnings from this incident and hope this is helpful for other growing companies.” To which the company says that it all started back November 2015, when 000webhost’s user database was leaked online (with plain text passwords), where one of their developers had his personal hosting account with the service. Resulting to which, the developers’ email address and password was also leaked.Also Read: 17 million Zomato accounts hacked: Users should change their password immediatelyThe blogpost further notes, “Unfortunately, the developer was using the same email and password combination on Github. Back then, when 000webhost passwords leaked, we were not using 2 factor authentication on Github. With the login credentials for the developer, the hacker was able to use the developer’s password to get into his Github account and review one of our code repositories to which the developer had access (this happened some time last year, but for some reason the hacker only exploited the code very recently).” Zomato highlights that they have been using two-factor authentication on Github since the last few months only.advertisementZomato further notes that getting access to a part of the code didn’t give the hacker direct access to the database, because its systems are only accessible for a specific set of IP addresses. However, unfortunately, the hacker was able to scan through the code, and ended up exploiting vulnerability in the code to access the database (via remote code execution). “The piece of code which was vulnerable was a part of a deprecated system, and hadn’t been modified for a few years now.”Also Read: Zomato hacked, 17 million accounts stolen”Yes, someone has some of our code, and that’s a risk. But we have taken every step conceivable to us to make sure that the code cannot be exploited in any way possible to breach Zomato’s infrastructure. Also, one more thought that gives us comfort – with every passing day, the leaked code is getting more and more out-of-date,” says Zomato. “We were fortunate enough to resolve this with minimal damage. This incident taught us a good lesson on the importance of security and how we have to be paranoid about it going forward,” adds the company.As per Zomato, the process of hacking has been explained to them by the hacker itself. The food delivery application in its blog post states, “We were lucky we could get in touch with the person (hacker) in good time. As it turned out, the hacker was a security researcher (ethical hacker) who had put up the data for sale to get our attention (and/or to teach us a lesson).” The hacker mainly wanted Zomato to introduce a good bug bounty program on Hackerone. Zomato further states, “The hacker also shared the database with us and took the sales link down once we promised to launch the bug bounty program. He/she also agreed to destroy the data at their end immediately.”
Chelsea Chelsea will gift title to Man Utd or City if they don’t clean up their act Nizaar Kinsella Click here to see more stories from this author Chelsea correspondent Last updated 2 years ago 16:00 18/9/2017 FacebookTwitterRedditcopy Comments() Getty Images Chelsea Premier League Antonio Conte David Luiz Opinion Ill-discipline is creeping into the champions’ game, and the Blues must learn to curb it if they are to retain their title this season David Luiz became the latest in a long line of red cards for Chelsea when he was sent off in Sunday’s scoreless draw with Arsenal. The Brazil international was deemed to have gone in dangerously on Sead Kolasinac during the second half of the encounter, continuing a run of bleak discipline for the champions that threatens to undermine their title defence before it has ever truly got started.Indeed, Antonio Conte’s side have had four players dismissed in the opening six domestic matches of the season – as many as in their previous 73 outings. Pedro saw red during the Community Shield while both Gary Cahill and Cesc Fabregas were given their marching orders against Burnley before David Luiz at the weekend. Article continues below Editors’ Picks ‘I’m getting better’ – Can Man Utd flop Fred save his Old Trafford career? Why Barcelona god Messi will never be worshipped in the same way in Argentina Lyon treble & England heartbreak: The full story behind Lucy Bronze’s dramatic 2019 Liverpool v Man City is now the league’s biggest rivalry and the bitterness is growing A Chelsea sending off, it seems, has become more regular than a Crystal Palace goal.In fact, you could even look back a game further to the FA Cup final, when Victor Moses earned two yellow cards, which ultimately gave Arsenal the edge at Wembley Stadium.Chelsea are winners and they are motivated by a passionate manager, but their inability to keep 11 players on the field is concerning, all the more so given the electric start both Manchester clubs have made this season.Conte looked to deflect concerns by saying Chelsea needed to be “luckier” with refereeing decisions after the disappointment of dropping two more points at the weekend.”Do you think we are becoming bad?” Conte said at Stamford Bridge. “For sure, it’s strange. But in normal situations, we have to improve, in tactical situations, physical situations.”Also, we have to be luckier in the future. This type of period can happen when you are not so lucky and receive red cards. But, as I said before, I think we have to try to improve in all situations.”Conte, however, was less forgiving of his players when they received two red cards against Burnley on the opening day of the season.”You can see that in the last three official games, we twice finished with 10 men against Arsenal and today with nine men,” the Italian said in August. “I have had to study a new formation with 10 players on the field because when it happens with this regularity you must be worried.” Luiz’s red card will only rekindle these concerns.Manchester United and Manchester City have set the pace in the Premier League, but Chelsea are every bit as good as their most serious competitors. Conte got more out of his team than any other manager last season and he will now need to look into his man-management abilities to control a temporarily overcommitted side.Against Tottenham at Wembley, the Blues showed that they can manage a depleted squad in a one-off situation. Fabregas and Cahill were suspended for that match, Eden Hazard not fit after his ankle break and the club was in the grip of a recruitment crisis as it wrestled with the demands of the summer window. Victory under those circumstances highlighted Conte’s aptitude to win in tough conditions, but it is not a viable long-term strategy for success in the league.It is, therefore, important that Chelsea’s players rediscover the disciplinary line that should not be crossed. Playing close to it can be the difference between winning and losing, but repeatedly crossing it is currently costing the Blues.68 – Chelsea have committed m Check out Goal’s Premier League 2019-20 fantasy football podcast for game tips, debate and rivalries.
TORONTO – The strength of Canada’s team at the upcoming Invictus Games in Toronto lies in the bond between the veterans and armed forces members who form the group, the team’s co-captain said Thursday as organizers marked the 100-day countdown to the international sporting competition.The games, founded by Prince Harry, will be held in Toronto Sept. 23-30 and will mark the first time Canada hosts the event.The competition for wounded, injured and sick troops, including current and veteran members of the forces, aims to use sport to inspire recovery and draw awareness to the physical and psychological injuries suffered by service members.Canada’s team, unveiled Thursday, is made up of 90 athletes who have acquired a physical or mental-health injury or illness while in service.“It’s… the events that happened that bond us together,” said co-captain Maj. Simon Mailloux. “It’s a special thing to come back and to do a different kind of challenge, a sport one, and represent Canada again.”Canada’s team is already training at a camp in Kingston, Ont., after a previous training camp in British Columbia.Mailloux said the games are a source of motivation for veterans and active service members.“I’ve lost a leg in Afghanistan and sport has been the way for me to rehabilitate and be able to redeploy back, and be able to serve again.”Tickets to the games went on sale Thursday. Sporting event tickets cost $25 and opening ceremony tickets start at $60.Organizers also announced the Canadian musical talent, including Alessia Cara, Sarah McLachlan and The Tenors, that will perform at the opening ceremonies.There will be 550 competitors from 17 countries coming to Toronto to compete in 12 sports, including track and field, swimming and, in a first for the Invictus Games, golf.Michael Burns, CEO of Invictus Games Toronto 2017, said spectators will be amazed to see what the competitors will do — especially if they know how far they’ve come, with some of the competitors struggling just to get out bed months ago.“These are people who are used to winning, because they had to on the field of battle,” he said.The first Invictus Games were held in London, England, in 2014.