KiranaPro Suffers Devastating Cyberattack, Losing All Data and App Code
Indian grocery delivery startup KiranaPro experienced a catastrophic cyberattack between May 24 and 25, resulting in the complete destruction of its data, including sensitive customer information and app source code. The breach, attributed to attackers exploiting a former employee’s account, targeted the company’s AWS and GitHub repositories.
KiranaPro co-founder and CEO Deepak Ravindran revealed that the attackers replaced the multi-factor authentication (MFA) code for the startup’s AWS account and deleted all Elastic Compute Cloud (EC2) services. The company’s Chief Technology Officer, Saurav Kumar, confirmed that while the Identity and Access Management (IAM) account remains accessible, the root account along with all logs has been compromised, leaving no trace of the attack’s execution.
Prior to the incident, KiranaPro had been preparing to expand its operations to 100 cities across India. The investigation into the attacker’s identity is ongoing.
Source: https://www.scworld.com/brief/cyberattack-eradicates-indian-grocery-startups-data
KiranaPro cybersecurity rating report: https://www.rankiteo.com/company/kiranapro
"id": "KIR1768366564",
"linkid": "kiranapro",
"type": "Cyber Attack",
"date": "6/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Grocery Delivery',
'location': 'India',
'name': 'KiranaPro',
'type': 'Startup'}],
'attack_vector': 'Compromised former employee account',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Sensitive customer information',
'App code']},
'date_detected': '2024-05-24',
'description': 'All data belonging to Indian grocery delivery startup '
'KiranaPro, including its sensitive customer information '
'stored in its servers and its app code, was destroyed '
'following a cyberattack. Attackers leveraged a former '
"employee's account to infiltrate KiranaPro's AWS and GitHub "
'accounts, replacing the multi-factor authentication code and '
'removing all Electric Compute Cloud services.',
'impact': {'data_compromised': 'All data, including sensitive customer '
'information and app code',
'identity_theft_risk': 'High (sensitive customer information '
'exposed)',
'operational_impact': 'Complete data destruction, disruption of '
'expansion plans',
'systems_affected': 'AWS (EC2 instances), GitHub'},
'initial_access_broker': {'entry_point': 'Former employee account'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'root_causes': ['Insufficient access controls',
'Lack of root account protection']},
'references': [{'source': 'TechCrunch'}],
'title': 'KiranaPro Data Destruction Cyberattack',
'type': 'Data Destruction',
'vulnerability_exploited': 'Insufficient access controls, lack of root '
'account protection'}