KiranaPro cyberattack wipes out app code and user data, shocks quick commerce sector

Quick commerce startup KiranaPro suffers a devastating cyberattack, resulting in deletion of app code and exposure of sensitive user data via AWS and GitHub breach.

KiranaPro, the voice-enabled AI-powered grocery delivery platform, has fallen victim to a severe cyberattack that wiped out its application code and compromised personal user data. The breach has halted order processing on the platform, exposing glaring vulnerabilities in cloud security and account access control.

According to reports, the attack was traced to unauthorized access through the account of a former employee — a stark reminder of the growing insider threat risks in the digital ecosystem.

  • KiranaPro’s entire app codebase and sensitive customer data were deleted in the attack.
  • Attackers gained root-level access to the company’s Amazon Web Services (AWS) and GitHub accounts.
  • User data exposed includes names, mailing addresses, and payment information.
  • The attack likely occurred between May 24 and May 25, identified during routine AWS login activity.
  • Despite having Google Authenticator-based MFA, the AWS root account was compromised.
  • All EC2 instances were deleted, leaving the company unable to access core infrastructure or logs.
  • GitHub and AWS teams have been approached to help trace IPs and recover access.
  • The breach is suspected to have been carried out through a former employee’s credentials.
  • Legal action is being initiated against ex-employees who failed to return credential access post-exit.
  • KiranaPro had ambitions to onboard 100 million users and 1 million kirana stores via ONDC.

The KiranaPro breach is a critical wake-up call for startups relying heavily on cloud platforms. It highlights the need for stronger identity and access management (IAM), robust offboarding processes, and zero-trust security practices. As cyberattacks grow more sophisticated, organizations must proactively monitor internal and external threats while ensuring system resilience, backup protocols, and log retention — before it’s too late.