KiranaPro, a Bengaluru-based grocery delivery platform operating on the Indian government’s Open Network for Digital Commerce (ONDC), has been severely disrupted after a devastating cyberattack wiped out its servers and code base. According to CEO Deepak Ravindran, hackers deleted the company’s core app infrastructure hosted on Amazon Web Services (AWS), along with associated GitHub repositories. The lost data includes sensitive customer information such as names, addresses, and payment details.
The company, launched in December 2024, served 55,000 customers across 50 cities and facilitated around 2,000 orders per day. It was preparing for a rapid expansion into 100 cities over the next three months. Those ambitions are now on hold. Though the KiranaPro app remains online, it is currently unable to process any orders.
A Breach Traced to Former Employee Access
The breach was discovered on May 26 when executives failed to access their AWS management console and GitHub repositories. Security logs obtained from GitHub suggest that the hack may have originated through access left behind by a former employee. Screenshots provided by Ravindran show suspicious login activity around May 24–25.
Inside the Coinbase India Data Leak: Bribes, Outsourcing, and a ₹3,320 crore Breach
Despite using Google Authenticator for multi-factor authentication, the attackers reportedly bypassed core safeguards—possibly through password-stealing malware or unrevoked credentials. “We don’t have root access anymore. We can only see remnants via IAM logs,” said Ravindran.
The company has since reached out to GitHub’s support team for forensic assistance in tracing the attacker’s IP addresses. Legal action is also being initiated against several former employees for failing to disable access to company repositories.
A Harsh Wake-Up Call for Indian Tech Startups
This breach highlights growing concerns over cybersecurity in India’s tech startup ecosystem. KiranaPro, backed by venture firms like Blume Ventures, Unpopular Ventures, and Turbostart—and endorsed by figures like Olympic medalist PV Sindhu—had only a 15-member team handling both technology and operations.
Experts say that overreliance on cloud-based infrastructure without rigorous security hygiene makes early-stage startups easy targets. “Credential management, access control, and employee offboarding protocols need to evolve quickly,” said one cyber expert not affiliated with the company.
The KiranaPro incident joins the ranks of other high-profile breaches at firms like LastPass and Snowflake, emphasizing the role of human error and internal vulnerabilities in modern cyber threats.
The company has not yet confirmed whether the lost data can be recovered or whether encrypted backups exist. For now, KiranaPro’s future—and that of its 55,000 customers—is uncertain.