Delivery Startup Dunzo Suffers a Data Breach
Delivery startup Dunzo suffers data breach, numbers, emails leaked
Indian hyperlocal delivery startup Dunzo has suffered a data breach that leaked phone numbers and email addresses of its users.
The company’s chief technology officer (CTO) Mukund Jha announced that one of their third-party partner’s database was compromised. As a result, attackers accessed users' information. However, no payment details like credit card numbers were exposed during the incident.
After this incident, Dunzo send emails to users informing about the data breach. The company has secured the database and fix the issue. The email does not contain any statement regarding password change. Because Dunzo uses phone numbers and one time passwords for logins.
Accessing email ID and phone number these days might not sound like a lot. But attackers can send phishing emails with malware to steal account details or other important data.
Dunzo hasn’t revealed when attackers gained access and how long the database was left exposed. It’s unclear whether the hackers got access to its whole database or how many users were exposed.
But one of the major questions is how and why do its partners need user’s personal details like phone number and email ID? Dunzo has not revealed the name of the partner which has reported the breach.