“The hashed password cannot be converted/decrypted back to plain text – so the sanctity of your password is intact in case you use the same password for other services,” the firm said in a security notice to its consumers.
“But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.”
Zomato said “no payment information or credit card data has been stolen/leaked” as they were stored in “highly secure” digital vaults.
The firm said it appeared that “an internal (human) security breach” had led to the theft of the data.
Zomato is based in Gurgaon near Delhi and is active in 10,000 cities, including London and New York, across 24 countries around the world.