Why read this story?
Editor's note: On 10 July, Mukund Jha disclosed that Dunzo had experienced a data breach. In his Medium post, the chief technology officer of the Bengaluru-based hyperlocal delivery app stressed that users’ payment information remained safe, since such information wasn’t on the affected servers. That’s because credit card, bank account and sensitive financial data is typically stored by payment processors (banks, payment gateways and fintech companies). The breach, he added, only involved numbers and email addresses. The leak itself was traced to the servers of a third party Dunzo works with. “This allowed the attacker to get unauthorized access and breach our database,” Jha wrote, as if to imply that (a) information stored locally with Dunzo is safer, and (b) Dunzo isn’t responsible for security lapses by the third parties it shares our data with. You already know about this leak if you’ve used Dunzo. If not, an alert by Have I Been Pwned? or Firefox Monitor—both services that inform you when your data is breached—then you probably received an email from Dunzo, or read about it in the newspaper. Then, at …
More in Internet
You may also like
What an email breach reveals about the risks of AI integrations
A single line of malicious code in a fake Postmark MCP connector, a tool built for AI assistants, leaked thousands of emails. What does that tell us about the limits of security in autonomous systems?
The often overlooked suffering of employees in startup debacles
Every time a major startup goes under, it is the employees who are left jobless and waiting for dues to be cleared (if at all). Perhaps it is time founders and investors got their act together.
Dunzo is over, but who’s responsible for the mess?
It is tough but not impossible to put a respectable end to a failed business. As creditors fight for their dues, Dunzo’s investors and management have a lot to answer for.