Dunzo, a Google owned on-demand delivery startup has released an official statement on Saturday that it has suffered a major data breach, likely exposing email address and phone numbers of its users.
According to the press statement released by the CTO Mukund Jha later on Saturday, the data breach occurred because of a server infiltration occurring at one of the Dunzo’s partner data center that was being used to secure sensitive details such as contact information.
“No payment card info was leaked in the cyber attack as the Indian startup doesn’t store any such info on its servers for long”, said Mr. Jha. Also, as the company offers OTP based logins, the question of password storing procedure gets eliminated.
“Since the start of COVID 19 lockdown, there has been an increase in the service usage by 35% and incidents such as these might hinder the prospective of a business on long run”, said Steve Irvin from Cisco Talos.
Meanwhile, Dunzo has assured that it has taken all measures to prevent any security breaches in future by tightening its infrastructure’s security, updating passwords and re-issuing tokens as a precautionary measure. Dunzo has also provided an email address datasec@dunzo dot in for customers to address queries.
All the customers of the Bangalore, India-based delivery startup have been informed about the security breach via email by Monday i.e. July 13th, 2020.
Note 1- Dunzo, which has gained the investment backup from Tech Giant Google, offers a slew of delivery services such as groceries, medicines, along with bike and car pooling facilities.
Note 2- Elyments, a newly started social media app that gained 2 million downloads within no time, reportedly became a victim of DDoS attack within hours of its launch. However, the IT staff of the company monitored and took control of the situation in time to avoid any disruption of services related to the app functioning.