// Hacker Noon · 5 March 2026
The Zomato API Bug That Turns Phone Numbers Into Location Intel
Zomato’s “Friend Recommendations” API allows unilateral contact syncing. By uploading a phone number, bad actors can extract a user’’ restaurant recommendation history and restaurant coordinates. By mapping overlapping delivery radii, an attacker can estimate a user's approximate physical location w...
Hacker Noon
@hacker-noon · Jatin Banga
hackernoon.com
Read Full Article at hackernoon.comHacker Noon@hacker-noon
Discussion 0
Loading
Got something to say?
or to join the conversation.