Google-backed Indian delivery startup Dunzo suffers data breach

Google-backed Indian delivery startup Dunzo suffers data breach
Credit: Dunzo

Google-backed Indian hyperlocal delivery service Dunzo said it suffered a data breach that left customer data including email IDs and phone numbers exposed.

Dunzo provides pick up and deliver services in over seven cities in India. Given the majority of India’s business relies on offline commerce, through Dunzo, you can ask a delivery person to visit a shop to purchase something and deliver it to you for nominal fees. The service also allows you to pick up a package from a friend’s place and drop it at your home.

The company said that hackers gained unauthorized access to one of its databases:

Recently, our team identified a security breach that involved unauthorized access to one of our databases. While we are still investigating, we believe it is our responsibility to inform you as soon as possible.

It added that financial details such as credit card information and transaction details were not compromised. Dunzo said a server of a third-party service that it used to store its databases was breached. The startup didn’t give any detail about this third-party service.

For security measures, the company has now secured all its databases and changed accesses tokens and passwords to prevent any further data breach.

At the moment, it’s not clear data of how many customers were compromised. We’ve asked Dunzo for more details, and we’ll update the story if we hear back.

Read next: Javascript regular expressions aren’t that daunting — here’s how to design your own