9 hours ago
Grocery startup KiranaPro CEO gives an update on how company's servers were deleted: It was not hacking but ...
KiranaPro, a grocery delivering startup was recently hit by a sever cyberattack in which led to the complete deletion of its servers. Now, the company CEO
Deepak Ravindran
has confirmed that recent data wipeout was not the result of any external cyberattack, but rather an internal breach caused by a former employee. Ravindran posted on social media platform X (formerly known as Twitter) about the indecent. In post, he wrote that the company initially suspected hacking but later discovered that a trusted internal employee was responsible for deleting critical server logs. Despite the setback,
KiranaPro
assured that customer data remains intact, and the company is working to restore its services. The startup has also strengthened security measures, including revamping access controls and improving audit logging, to prevent similar incidents in the future.
KiranaPro's complete data deleted: Here's what happened
KiranaPro lost access to its backend servers and app source code, leading to disruptions in its operations. Initially, the company feared a targeted cyberattack, but an internal investigation revealed that the data deletion was intentional and carried out by an ex-employee with legitimate system access.
The startup, which operates on the Indian government's Open Network for Digital Commerce (ONDC), had been serving 55,000 customers across 50 cities, facilitating 2,000 orders daily.
KiranaPro CEO Deepak Ravindran on how company's servers were deleted
Ravindran explained that the individual behind the breach had worked with him previously and was part of the company's product team. The employee's role was terminated due to internal restructuring, and shortly after, the server logs were wiped.
"This was not a hack. No external party exploited vulnerabilities or bypassed security protocols. Instead, it was an
internal data breach
by someone who had legitimate access to our systems," Ravindran stated
Read KiranaPro CEO Deepak Ravindran complete post here
Clarifying the Recent Incident at
@kirana_pro
In light of recent events affecting our infrastructure, I want to take a moment to provide clarity and transparency regarding what occurred, the last few days have been hectic and stressful and firstly I would thank you for your support during such trying times.
Here is a snapshot of what happened and what did not.
After careful investigation, we conclude that this was not a hack. No external party penetrated our ordering or payment systems, exploited vulnerabilities, or bypassed security protocols. Our external security posture remains intact, and there is no evidence of any unauthorized access from outside the organization. All customer data stays intact.
Instead, this was an internal data breach. Specifically, it was the result of actions taken by a trusted internal employee who had legitimate access to our systems. This individual intentionally deleted critical server logs while they were being tested and/or edited, an action that goes directly against our policies, our principles, and the trust we place in our team.
Why the Distinction Matters
Understanding the nature of this incident is important:
A hack implies that a system was compromised from the outside. Typically due to security flaws or insufficient safeguards, which could place customers and stakeholders at broader risk.
An internal breach, however, involves someone with authorized access misusing their privileges. This represents a very different type of threat: one rooted in internal trust and the perpetrators need for vengeance, rather than technical system vulnerability.
What We're Doing
We are taking this breach extremely seriously and have already taken the following steps:
•Internal teams are working hard to bring the KiranaPro app back up live.
•Initiated a full forensic review to determine the complete scope and impact of the data deletion.
•Strengthened access controls and improved audit logging to prevent similar incidents in the future.
•Reinforced internal policies and implemented additional training around data governance and privileged access, restructed MFA for all parties working on the server and implemented a One-to-One Entry Log to the databases as we rebuild what we lost during this attack.
•Pursuing appropriate disciplinary and legal action against the individual responsible, in line with the severity of the breach.
I fully understand the concern this incident may cause. As the founder, I want to reiterate our commitment to protecting our systems and data not only from external threats but from internal misuse as well.
An attack of this kind is not an attack on outcomes, It is an attack on trust and the covenant we share with our employees, The next few months will see us come back, with learnings from this experience with stronger controls and systems in place.
Looking forward to your continued support.
AI Masterclass for Students. Upskill Young Ones Today!– Join Now
