Follow Us:
Monday, July 04, 2022

Personal data of 3.4 million Dunzo users exposed: Here’s what happened

Earlier in July, Dunzo confirmed a massive data breach in which personal data such as mobile number and email address of customers’ were exposed. Fresh updates on the beach are highlighted.

By: Tech Desk | New Delhi |
Updated: July 30, 2020 3:02:45 pm
dunzo, dunzo data breach Dunzo breach explained: Personal data of 3.4 mn users affected in massive data breach

Earlier in July, Dunzo confirmed a massive data breach in which personal information of users such as mobile number and email address were exposed. Fresh updates on the beach are coming from Dunzo now. In an internal investigation, the delivery service provider discovered that information compromised contained additional Personally Identifiable Information (PII) data as well.

What kind of user data exposed?

Dunzo explained that affected information included details such as last known location, phone type, last login dates. The company further found that the database also contained advertising-related attributes including a few specific PII — device info, last known IP address, and advertising id. Earlier the company confirmed that phone numbers and email address of users were exposed.

Which data are safe?

Sticking to its past claims Dunzo has further clarified that payment information like credit cards are not stored on Dunzo servers and hence are not at risk. So, users must know that no financial or payment details have been affected by the breach.

What exactly happened?

The delivery service provider explained that the servers of a third party it works with were compromised and this allowed the attacker to get unauthorized access and breach into Dunzo’s database. The company also revealed that no users’ home addresses were compromised during this data breach.

Best of Express Premium
UPSC Key-July 4, 2022: Why to read ‘floating solar plants’ or ‘malnutriti...Premium
DMK MP Raja’s heated pitch on ‘separate Tamil Nadu’, au...Premium
UPSC Essentials: Key terms of the past weekPremium
ExplainSpeaking: Despite the fall, are Indian stock markets still overval...Premium

How many users are affected?

Dunzo is yet to reveal the number of user data that have been exposed in the breach but according to haveibeenpwned website, 3,465,259 user accounts have been breached.

Safety measures are taken by Dunzo

Dunzo is taking all the required steps so such incidents don’t happen again, the company said. In the blogpost, Dunzo noted, “We are ensuring your data’s security is our top priority and that every user is informed and aware. With the recent second wave of conversations around this breach, we are proactively re-sending communication to users as some may have missed the security update.”

Some of the safety measures Dunzo is taking are as follows:

* Secured all database and data stores from network and access standpoint

* Rotated all the access tokens and updated all passwords as a precautionary measure

* Tightened infrastructure security and closed all the vulnerable ports

* Reviewed and updated all access privileges to the system and infrastructure

* Enabled Firewall and Threat intelligence tool for even better monitoring

* Reviewed all the third-party plugins and integrations

* Enhanced logging and tracing even further across various services to monitor and get alerted about any suspicious activity.

Express Explained Go beyond the news. Understand the headlines with our Explained stories

📣 Join our Telegram channel (The Indian Express) for the latest news and updates

For all the latest Technology News, download Indian Express App.

  • Newsguard
  • The Indian Express website has been rated GREEN for its credibility and trustworthiness by Newsguard, a global service that rates news sources for their journalistic standards.
  • Newsguard