The start of the last Kiraanapro grocery store Data loss The story contains more holes than Swiss cheese, as the startup is still unclear whether the accident is an internal breach or external penetration.
Last week, he discovered the start -up startup that he could not access its rear servers and that all its data, including its application code, has been deleted from GitHub. On Friday, the starting start blamed a former breach employee. However, in an interview, Kerapro The co -founder and CEO Deepak Ravenwurne admitted that the company did not activate the employee’s account after they left the company and could not exclude the possibility of misuse of their subsequent harmful account.
“If we deepen, we have to conduct a real forensic investigation. We will talk (about) this with our council and investors, and we will get an official opinion on this also with our legal advisers,” Ravender told Techcrunch.
Earlier on Friday, Ravendran claimed a After x The accident that affected his data was an internal breach.
“After accurate investigation, we conclude that this was not a penetration. No external party penetrated the requests or payment systems, the exploited weaknesses, or bypassing the safety protocols.”
The co -founder also explicitly participated in a screenshot of the LinkedIn definition file for a former Kiraanapro employee on Thursday, claiming that they had deleted the startup code. (Techcrunch does not share the post link, as it has not yet operated a concrete evidence that supports its location.)
The co -founder in his post on Friday wrote: “(R) was his internal violation of the data. In particular, the result of the measures taken by a reliable internal employee enjoying a legal access to our systems.” “This individual deliberately deleted the critical records of the server while testing and/or editing, which is a procedure that is directly proportional to our policies, principles and confidence that we put in our team.”
When Techcrunch asked if Kirapro could exclude whether any third party had managed to reach the former employee account, Ravingran could not.
“We must do a fully forensic examination of the company. We have to perform the entire IP exam. We have to look at the place where the tracks occurred. We have to check computers, write, and anything that is used. Everything must be done. Then we have to spend money … for that, for that reason we decided not to do so,” he said to Techcrunch.
Then what is the basis for the claim of Ravingran? It was the response of GitHub, a copy that she shared with Techcrunch.
The response included the name of a user, who said Ravenwurne was associated with the former employee.
“All we have is the emails we received from GitHub, saying that (the employee’s former username) was the one who deleted the account. We didn’t investigate more,” Ravender told Techcrunch.
The former employee’s account was never outside the foreign
Keranapro was launched in late 2024, and it works as an application for Jupiter on the Indian Open Network for Digital Trade. The start of the start allows more than 55,000 customers in 50 cities to buy groceries from their local stores and nearby supermarkets using their sound façade. The company also supports local language inputs, including English, Hindi, Malawala and Tamil.
Ravindran stated that they decided to call the former employee based on the company’s “belief system”, as they claim that the former employee is to delete data after his sudden end.
However, the startup said it is not aware of whether there is sufficient protection on the devices of the former employee, such as AuthenticityTo restrict malignant access from the third party, such as malware.
The company confirmed that it did not remove the employee’s access to his data and the GitHub account after leaving.
“The employee has not been dealt with properly because there were no full -time human resources,” the chief technology official in Keranabro, Sorrav Kumar, confirmed on Techcrunch.
The company recovers an AWS account
Besides the code that was saved in GitHub, Kirapro also lost access to the Amazon Web Services account (AWS), which included customer data and transaction details.
Ravingan Techcrunch told that GitHub has been restored after backup copies of one of its employees. The startup also has also accessed its AWS account along with its customer data.
Both co -founder and CTO said that the AWS account was protected through multiple factors, but it could not say how the account was reached, as no one else had material access to the Ravingran, which generates the code of multiple factors.
However, Ravindran claimed that the customer’s data stored in the AWS cloud remained intact and has not been accessed by any third parties, and was not downloaded by the former employee concerned.
“If this is the case, I will get it via email or anything (such),” he said.
However, Ravindran stated that young people have sufficient evidence to file an official complaint to the police, but she said that her investigation was continuing.
The co -founder of the company confirmed that after a short period of the company collecting a seed tour of 100 million Indian rupees worth 100 million Indian rupees (about $ 1.2 million), shortly after the company raised a seed tour of 100 million Indian rupees (about $ 1.2 million), which said Ravenderan was not completely wireless.
Blume Ventures, non -popular projects, and Turbostart are among its supporters for institutional project, as well as the PV Sindhu and Bostus Consulting Group Vikas Taneja among the owners of the owners. She has 15 employees in Bangaluru and Kerala.
https://techcrunch.com/wp-content/uploads/2025/06/kiranapro-techcrunch.jpg?resize=1200,800
Source link