Indian delivery start-up Dunzo has suffered a data breach exposing quite a bit of personal information of its users. The company’s CTO Mukund Jha announced news of the breach and explained what happened.
According to the company, servers of a third party that Dunzo works with were compromised by hackers. This allowed the attackers to gain unauthorised access to Dunzo’s database. According to reports, hackers gained access to email addresses, phone numbers, names, geographic locations, and IP addresses of over 3.4 million users.
The website Have I Been Pwned sent out emails to users who had signed up for notifications informing them of the breach. According to the website, the breach occurred sometime in June 2020.
Dunzo hasn’t given any details about when the breach happened. However, the company has clarified that no payment details, such as credit and debit card details have been leaked. Moreover, the company has also sent out emails to its users informing them of the data breach.
In the email, undersigned by the company’s CTO, the company says “Recently, our team identified a security breach that involved unauthorised access to one of our databases. […] We believe that all necessary steps have been taken to resolve the security breach.”
Of late, cyberattacks have become more common than ever. In fact, a recent report mentioned that India was the third biggest victim of cyberattacks in the world.