Online rental marketplace start-up Rentomojo powered by AdNetwork Pvt. Ltd. and which was started in 2014, RentoMojo allows users in Bengaluru, Mumbai, Delhi NCR and Pune to rent furniture, utilities and motorbikes on a subscription basis, has reported a data breach incident that This is likely to affect 1.5 lakh customers. The startup firm said it has reported the incident to the appropriate authorities and is fully cooperating with the ongoing investigation.
rentmojo sent an email to customers Adding that the firm has detected a security breach and wrote, “Recently, our team identified a security breach that involved unauthorized access to one of our databases.” “It appears that the attackers were able to gain unauthorized access to our customer data, which in some cases includes personally identifiable information, by exploiting cloud misconfiguration through highly sophisticated attacks, thus compromising access to our databases.” One was breached. The firm also said that the breach would not have any impact on any financial information like credit card, debit card or UPI as it never stores them in the firm’s database.
The firm also said that it has taken several measures following the data breach which include:
Secured database and encrypted all information stored in our database.
Strengthening our infrastructure with advanced security practices such as Intelligent Threat Detection, Sensitive Data Discovery and Logging IP traffic.
Multi-Factor Authentication (MFA) implemented for additional layers of security.
Ongoing security audits and vulnerability assessments to further identify and mitigate risks.
Rotated all access tokens and updated all passwords immediately.
Implemented Endpoint Detection and Response (EDR) for our network.
Reviewed all third-party and open-source plugins and integrations.
Meanwhile, users of Rentomojo took to social media to demand an explanation from the firm.
“Disturbing news!\@rentomojo data breach exposed my confidential information. Hackers are now blackmailing me for leaking my personal data. This is a serious breach of privacy and security,” wrote one user on Twitter.
“I have received a mail from my Rentomojo account stating data breach and it claims to have made my data public as the company did not respond to Incepte’s demands for trying to complain through online, please help Do it,” another user wrote on Twitter.
“I have received an email from ShinyHunters that there has been a data breach on Rentomojo and my data has been breached and is now available with hackers. Please consider this complaint and any kind of loss will be borne by the Rentomojo brand ,” wrote on Twitter, sharing the concern.
catch all corporate news And updates on Live Mint. download mint news app to receive daily market update & Live business News,