Yesterday, the Google-backed Indian delivery service platform Dunzo disclosed a data breach that exposed private data of its customers including their phone numbers and email addresses.
Headquartered in Bangalore, Dunzo is a popular online delivery platform that offers pick up and deliver services in over eight big cities in India and receives more than 10 lakh monthly orders (2019).
The company said that hackers conducted a cyberattack targeting the servers and obtained the company’s customer database that was being managed by a third-party service provider.
The exposed database contained private information such as phone numbers and email addresses of the Dunzo customers.
“No payment information like credit card numbers was compromised as we do not store this data on our servers.” reads the breach notification by Dunzo. “As soon as we became aware of the breach, we launched an internal investigation to determine what happened.”
During the investigation, the company found out that the servers of a third party they work with were compromised.
After the discovery, the tech team at Dunzo immediately secured the exposed database and provided additional layers of security to prevent such network compromise attempts in the future.
According to the notification, the security breach is still under investigation.
In response to the breach, Mukund Jha, the Chief Technology Officer of Dunzo further said, “While our best teams are working on resolving and strengthening our security efforts, we’re also engaged with leading cybersecurity firms and experts to further strengthen our efforts.”