Indian grocery delivery startup KiranaPro has suffered a major cyberattack that’s left its app unusable and customer data wiped clean. The company’s founder Deepak Ravindran confirmed the breach to TechCrunch, saying that hackers gained access to their systems and deleted everything, from the app’s code to sensitive customer details like names, addresses, and even payment information.
KiranaPro, launched in December 2024, had quickly gained popularity in the market by offering a voice-based ordering system in regional languages like Hindi, Tamil, Malayalam, and English. It connected users to local kirana stores across 50 cities and was handling around 2,000 orders a day. The team had plans to double its footprint in the next 100 days until the hack brought everything to a halt.
The breach was discovered on May 26 when the team couldn’t log in to their Amazon Web Services (AWS) account. It turns out that hackers had accessed the company’s root AWS and GitHub accounts, likely through an ex-employee’s credentials.
KiranaPro’s servers were wiped, including all virtual machines (EC2 instances) that power the app. The company said they were using two-factor authentication, but somehow, the attackers still got in.
Now, the startup is reaching out to GitHub to trace the hacker and is preparing legal action against former employees who hadn’t surrendered their credentials.
With big-name investors like Blume Ventures and Olympic medalist PV Sindhu backing it, KiranaPro is hoping to recover but the road ahead won’t be easy.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
