Customer Data Of Google-Backed Dunzo Breached

Customer Data Of Google-Backed Dunzo Breached

The customer data of Google-backed hyperlocal delivery startup Dunzo was recently breached, the company’s CTO and cofounder Mukund Jha has confirmed. The breached database included the customers’ phone numbers and email ids.

Dunzo has assured that all financial information like credit cards have not been compromised as the company stores that data in other services. The Bengaluru-based startup’s investigation suggests that the server of one of its third-party partners was compromised, which allowed the attackers unauthorised access to Dunzo’s database.

The company has assured that it secured all its database. Besides, it has also rotated all the access tokens and updated passwords as a precautionary measure. Dunzo has also mentioned four other plans of action they have taken to ensure users’ data safety. These include:

  • Tightened infrastructure security and closed all the vulnerable ports
  • Reviews and updated all access privileges to its system and infrastructure
  • Reviewed all third-party plugins and integrations
  • Enhanced its logging and tracing across various services to monitor and get alerts about any suspicious activity

“We believe that all necessary steps have been taken to resolve the security breach and will keep you updated if we know more,” Jha wrote in the email. The company has also asked users to reach out to datasec@dunzo.in in for further queries.

The customer data of Google-backed hyperlocal delivery startup Dunzo was recently breached, the company’s CTO and cofounder Mukund Jha has confirmed. The breached database included the customers’ phone numbers and email ids. Dunzo has assured that all financial information like credit cards have not been compromised as the company stores that data in other services. The Bengaluru-based startup’s investigation suggests that the server of one of its third-party partners was compromised, which allowed the attackers unauthorised access to Dunzo’s database. The company has assured that it secured all its database. Besides, it has also rotated all the access tokens and updated passwords as a precautionary measure. Dunzo has also mentioned four other plans of action they have taken to ensure users’ data safety. These include: • Tightened infrastructure security and closed all the vulnerable ports • Reviews and updated all access privileges to its system and infrastructure • Reviewed all third-party plugins and integrations • Enhanced its logging and tracing across various services to monitor and get alerts about any suspicious activity “We believe that all necessary steps have been taken to resolve the security breach and will keep you updated if we know more,” Jha wrote in the email. The company has also asked users to reach out to datasec@dunzo.in in for further queries. <Screenshot> Founded by Dalvir Suri, Mukund Jha, Kabeer Biswas and Ankur Aggarwal in 2015, Dunzo connects users with vendors which are usually grocery shops to facilitate the delivery of products. Additionally, it also fulfills door-to-door courier services and on-demand deliveries of non-essential items as well. Dunzo is currently operating in Bengaluru, Delhi, Noida, Pune, Gurugram, Powai, Hyderabad and Chennai. Last year, the company had raised $45 Mn from Google, Lightbox Ventures, STIC Investment, STIC Ventures and 3L Capital in Series D to expand its technology infrastructure and develop partnerships with small and medium businesses. Dunzo had earlier claimed that it has a repeat user rate of 80% and a transaction frequency of five orders per month per user. It aimed to be profitable on a micro-level by the last year, though the financial report for financial year 2020 is not out yet. In the financial year 2019, the company has turned profitable in some cities. But overall, Dunzo posted a loss of INR 168.9 Cr for FY19. On the other hand, the revenue grew 3.5x reaching INR 3.5 Cr in FY19 from INR 77 Lakh in FY18. Speaking at Inc42’s ‘Ask Me Anything’ webinar, Dunzo’s Biswas noted that the company has noted another uptake during the Covid-19 pandemic and become a ‘pipeline of the city’. This is helping Dunzo not only increase revenue but also create a loyal user base. The supply shock of the early days of the lockdown allowed Dunzo to rewrite unit economics, Biswas recalled.

Founded by Dalvir Suri, Mukund Jha, Kabeer Biswas and Ankur Aggarwal in 2015, Dunzo connects users with vendors which are usually grocery shops to facilitate the delivery of products. Additionally, it also fulfills door-to-door courier services and on-demand deliveries of non-essential items as well. Dunzo is currently operating in Bengaluru, Delhi, Noida, Pune, Gurugram, Powai, Hyderabad and Chennai.

Last year, the company had raised $45 Mn from Google, Lightbox Ventures, STIC Investment, STIC Ventures and 3L Capital in Series D to expand its technology infrastructure and develop partnerships with small and medium businesses.

Dunzo had earlier claimed that it has a repeat user rate of 80% and a transaction frequency of five orders per month per user. It aimed to be profitable on a micro-level by the last year, though the financial report for financial year 2020 is not out yet. In the financial year 2019, the company has turned profitable in some cities. But overall, Dunzo posted a loss of INR 168.9 Cr for FY19. On the other hand, the revenue grew 3.5x reaching INR 3.5 Cr in FY19 from INR 77 Lakh in FY18.

Speaking at Inc42’s Ask Me Anything’ webinar, Dunzo’s Biswas noted that the company has noted another uptake during the Covid-19 pandemic and become a ‘pipeline of the city’.  This is helping Dunzo not only increase revenue but also create a loyal user base. The supply shock of the early days of the lockdown allowed Dunzo to rewrite unit economics, Biswas recalled.

The post Customer Data Of Google-Backed Dunzo Breached appeared first on Inc42 Media.


Author: Kritti Bhalla

Source : https://inc42.com/buzz/customer-data-of-google-backed-dunzo-breached/


Date : 2020-07-11T10:34:25.000Z

Post a Comment

Previous Post Next Post