KiranaPro Hack: How a Cyberattack Wiped Out an Indian Grocery Startup's Servers and Data

Indian grocery delivery startup KiranaPro has been hit by a devastating cyberattack, resulting in the complete wipeout of its servers and customer data. The company's founder, Deepak Ravindran, confirmed the breach to TechCrunch, revealing that the hackers destroyed the app code and servers containing sensitive customer information, including names, addresses, and payment details.

The Impact of the Hack

• App functionality compromised: While the KiranaPro app remains online, it can no longer process orders.
• Voice-based interface: Unique to KiranaPro, this feature allowed users to place orders via voice commands in multiple languages, serving 55,000 customers across 50 cities.
• Expansion plans halted: The startup was on track to expand to 100 cities in the next 100 days before the attack.

How the Hack Unfolded

On May 26, KiranaPro executives discovered the breach upon logging into their Amazon Web Services account. Hackers had accessed the startup's root accounts on AWS and GitHub, allegedly through a former employee's account. The company's CTO, Saurav Kumar, noted that multi-factor authentication codes had changed, and all EC2 services were deleted, leaving them unable to recover logs or data.

Next Steps for KiranaPro

• Collaboration with GitHub: The startup is working with GitHub's support team to trace the hacker's IP addresses.
• Legal action: KiranaPro is filing cases against former employees who failed to submit their GitHub credentials.

Lessons from the Attack

This incident underscores the critical importance of enforcing multi-factor authentication and securely managing former employees' access. Recent high-profile breaches, like LastPass and Snowflake, highlight similar vulnerabilities.

KiranaPro, backed by Blume Ventures and Unpopular Ventures, among others, now faces the daunting task of rebuilding its infrastructure and regaining customer trust.