Delivery startup Dunzo has suffered a data breach that leaked cellphone numbers and e mail addresses of its customers, the corporate’s chief know-how officer (CTO) Mukund Jha introduced earlier in the present day. Jha’s submit says that the servers “of a 3rd social gathering” Dunzo works with were compromised, and it allowed the attackers to get “unauthorized access” and breach the corporate’s database.
No fee info, like credit score or debit playing cards and so forth. has been compromised, based on Jha. The firm additionally despatched emails to its customers informing them in regards to the data breach, stating that it has secured its databases, rotated entry tokens and altered all passwords. The e mail doesn’t inform customers to vary their passwords, however that’s seemingly as a result of Dunzo makes use of cellphone numbers and one time passwords for logins.
Dunzo additionally hasn’t revealed when the hack truly occurred or how lengthy the database was left uncovered. It’s unclear whether or not the attackers received entry to its whole database or what number of customers have been uncovered. We have written to Dunzo for a clarification. This story shall be up to date to replicate their response.
Cyber assaults and data breaches have elevated because the pandemic drove folks indoors, spurring corporations to bolster cybersecurity. However, safety corporations have nonetheless been warning about new assaults that attempt to benefit from the pandemic, by spreading pretend emails to customers and making an attempt to compromise their gadgets.
The Dunzo breach although appears to have occurred on the server finish, so it might not absolutely be within the firm’s management.