Update: Zomato says it's been able to "open a line of communication with the hacker" who has been "very cooperative with us." It said the hacker wanted the company to "acknowledge security vulnerabilities in our system and work with the ethical hacker community to plug the gaps." It added that the hacker has agreed to "destroy all copies of the stolen data" and remove it from the dark web marketplace, but continued to urge affected users to change their passwords as a precaution.

Early on Thursday, online restaurant guide Zomato revealed it'd been hit by hackers, estimating that login details had been stolen from 17 million of its 120 million users.

In a post on its site the India-based company said the "recent" discovery involved the theft of "email addresses and hashed passwords." It insisted that no payment-related information had been nabbed in the ...