Overview

• Attackers exploited a former employee’s credentials to access root AWS and GitHub accounts between May 24 and May 25.
• Intruders deleted all EC2 instances and wiped the startup’s app code along with customer records, including names, addresses and payment details.
• KiranaPro’s voice-based grocery delivery app remains online but is unable to process any orders until its backend systems are rebuilt.
• The company has enlisted GitHub support to trace the intruder’s IP addresses and is filing legal cases against ex-employees suspected of involvement.
• The breach has stalled its seed fundraising and paused plans to expand into 100 cities within the next 100 days.