Updated on 11 June 2025

KiranaPro CEO Reveals Insider Revenge Led to Company-Wide Data Deletion

In a shocking revelation, KiranaPro’s co-founder and CEO Deepak Ravindran has confirmed that the complete wipeout of the company’s database was not the result of an external cyberattack—but an act of insider sabotage. A disgruntled ex-employee allegedly deleted critical data from the company’s servers in a calculated act of revenge.

According to Ravindran, the former employee had backend access to KiranaPro’s digital infrastructure. After being terminated, the individual used this privileged access to erase the data stored on the company’s cloud servers. The deleted files included core application code, customer data, and logistics information—bringing the entire platform to a standstill.

Despite the technical disruption, the KiranaPro app is still live, but core functionalities remain inaccessible. The company has confirmed it is working around the clock to recover the lost data and resume normal operations.

Indian grocery delivery startup KiranaPro has suffered a severe cybersecurity breach that led to the complete deletion of its app code and sensitive customer data, the company’s founder confirmed to TechCrunch.

Co-founder and CEO Deepak Ravindran said that hackers wiped the company’s Amazon Web Services (AWS) and GitHub accounts, which housed crucial infrastructure and banks of customer information including names, mailing addresses, and payment details. While the KiranaPro app remains online, it is currently unable to process any orders.

Founded in December 2024, KiranaPro functions as a buyer app on the Indian government-backed Open Network for Digital Commerce (ONDC), enabling customers to order groceries from local shops and supermarkets. Known for its multilingual, voice-based ordering interface in Hindi, Tamil, Malayalam, and English, the platform quickly gained traction with over 55,000 users and between 30,000 to 35,000 active buyers across 50 cities, processing approximately 2,000 orders daily.

The breach has derailed the startup’s ambitious plans to expand to 100 cities within 100 days. The incident reportedly occurred around May 24–25, with executives discovering the intrusion during a routine login to the company’s AWS account.

According to Ravindran, attackers managed to gain root access to both AWS and GitHub, likely through a former employee’s compromised account. Screenshots of GitHub security logs and a sample of system activity from the time of the breach were shared with TechCrunch as evidence. The company suspects the attack was enabled by inadequate offboarding protocols, with former employees failing to return access credentials.

Chief Technology Officer Saurav Kumar said the team noticed their AWS multi-factor authentication code had been changed when attempting to access the platform last week. All EC2 instances—used for hosting virtual machines and running applications—were reportedly deleted, and root-level access remains lost. The team is currently limited to viewing their IAM (Identity and Access Management) account, which confirms the disappearance of their EC2 infrastructure but offers no access to logs or forensic data.

KiranaPro has reached out to GitHub’s support team in an attempt to trace the hacker’s IP address and investigate activity logs. Meanwhile, legal proceedings are underway against the former employees allegedly linked to the breach.

While the precise method of attack is still unclear, the incident bears similarities to other major cyberattacks involving credential theft, such as those at LastPass, Change Healthcare, and Snowflake. Those breaches often stemmed from stolen passwords or malware-infected employee devices and highlight the critical importance of access controls and multi-factor authentication.

KiranaPro is backed by investors including Blume Ventures, Unpopular Ventures, and Turbostart, as well as Olympic medalist PV Sindhu and BCG MD Vikas Taneja. The startup operates with a 15-member team based in Bengaluru and Kerala.

Lessons on Insider Threats

This incident underscores a major cybersecurity concern for startups: insider threats. While most organizations focus heavily on external attackers, threats from within—especially from former employees with system-level access—can be just as dangerous, if not more so.

KiranaPro’s case serves as a wake-up call for startups to establish strict offboarding procedures, access control policies, and real-time monitoring systems to prevent such catastrophic events.

What’s Next for KiranaPro?

Ravindran shared that the company is consulting cybersecurity experts and legal teams to pursue appropriate action against the former employee. Meanwhile, restoration efforts are underway as KiranaPro attempts to rebuild its backend infrastructure from remaining backups.

To Sum Up

In the age of digital commerce, startups must view data not just as an asset—but as a vulnerability. KiranaPro’s experience reveals the human side of cybersecurity, where trust, access, and accountability must be balanced to protect innovation from being sabotaged from within.