KiranaPro, an innovative Indian grocery delivery startup known for its unique voice-enabled ordering system, recently fell victim to a severe cyberattack that wiped out critical company data. This breach has left the company’s app crippled, unable to process customer orders, and exposed sensitive user information to potential risks.
The alarming incident came to light when KiranaPro’s leadership discovered on May 26 that hackers had gained access to their Amazon Web Services (AWS) and GitHub accounts, wiping out vital servers and app code. Deepak Ravindran, KiranaPro’s co-founder and CEO, confirmed to TechCrunch that the erased data included not only their application’s code but also servers containing personal customer information names, mailing addresses, and payment details.
KiranaPro, launched in December 2024, operates through the Indian government’s Open Network for Digital Commerce. The app boasts 55,000 users, with about 30,000 to 35,000 active buyers across 50 cities who place roughly 2,000 orders daily. Unlike traditional grocery delivery platforms, KiranaPro stands out by offering a voice-based interface supporting multiple Indian languages like Hindi, Tamil, Malayalam, and English, allowing users to order groceries simply by speaking.
Before the attack, the startup had ambitious plans to scale to 100 cities within 100 days, as shared by Ravindran. Unfortunately, the breach disrupted these plans. The company’s CTO, Saurav Kumar, explained the severity of the attack: “We can only log in through the IAM [Identity and Access Management] account, through which we can see that the EC2 instances don’t exist anymore, but we are not able to get any logs or anything because we don’t have the root account.”
The breach reportedly occurred around May 24-25, with hackers allegedly gaining entry using credentials linked to a former employee’s account. Ravindran provided screenshots of GitHub security logs and activity records pointing toward this vulnerability. Despite multi-factor authentication implemented through Google Authenticator, the hackers managed to change the authentication code, deleting all critical cloud services.
In response, KiranaPro has engaged GitHub’s support team to trace the hacker’s IP addresses and is pursuing legal action against former employees who failed to provide their access credentials for investigation.
While the exact cause remains uncertain, Ravindran highlighted that recent major cyberattacks, such as those on LastPass and Snowflake, often stemmed from credential theft and inadequate multi-factor authentication enforcement. “The companies were ultimately responsible for enforcing the security of their systems, including whether their employees must use multi-factor authentication, and terminating accounts of former employees,” the article noted.
Backed by prominent investors like Blume Ventures and angel investors, including Olympic medalist PV Sindhu, KiranaPro’s 15-member team, located in Bengaluru and Kerala, now faces the challenge of restoring trust and rebuilding their infrastructure after this breach.
