All data belonging to Indian grocery delivery startup KiranaPro, including its sensitive customer information stored in its servers and its app code, has been destroyed following a cyberattack between May 24 and 25, according to TechCrunch.
Attackers believed to have leveraged a former employee's account were able to infiltrate KiranaPro's AWS and GitHub accounts, said KiranaPro co-founder and CEO Deepak Ravindran, who noted the firm's plans to expand its operations to 100 cities across India prior to the hack. Moreover, the multi-factor authentication code leveraged for the startup's AWS account had been replaced, while all Electric Compute Cloud services had been removed. "We can only log in through the IAM [Identity and Access Management] account, through which we can see that the EC2 instances don't exist anymore, but we are not able to get any logs or anything because we don't have the root account," noted KiranaPro Chief Technology Officer Saurav Kumar. Investigation into the identity of the attacker is ongoing.
Attackers believed to have leveraged a former employee's account were able to infiltrate KiranaPro's AWS and GitHub accounts, said KiranaPro co-founder and CEO Deepak Ravindran, who noted the firm's plans to expand its operations to 100 cities across India prior to the hack. Moreover, the multi-factor authentication code leveraged for the startup's AWS account had been replaced, while all Electric Compute Cloud services had been removed. "We can only log in through the IAM [Identity and Access Management] account, through which we can see that the EC2 instances don't exist anymore, but we are not able to get any logs or anything because we don't have the root account," noted KiranaPro Chief Technology Officer Saurav Kumar. Investigation into the identity of the attacker is ongoing.
