Data breach at furniture rental business Rentomojo

Data breach at furniture rental business Rentomojo

The business said that it is considering all available alternatives, including legal avenues, to lessen the impact of the incident.

Rentomojo, a marketplace for rental furniture and motorcycles, announced a data breach on April 20 that most likely exposed the private data of over a lakh clients.

Geetansh Bamania, CEO and co-founder of the Bengaluru-based business, wrote to the company’s subscribers in an email to say that the company was considering all alternatives, including legal avenues, to lessen the impact of the breach.

“It appears that the attackers breached one of our databases by taking advantage of the cloud misconfiguration through incredibly sophisticated attacks and gaining unauthorised access to our customer data, including in some cases personally identifiable information. We guarantee that this won’t affect any financial data, such as credit card, debit card, or UPI information because we never save it in our database, Bamania wrote in an email to clients that Moneycontrol has seen.

Several clients said that hacking organisations had sent them emails demanding a ransom. Sensitive client information would go public if their demands weren’t met.

“My private data was exposed as a result of the data breach at Rentomojo. Now, hackers are extorting my personal information. This is a significant compromise of security and privacy, a user tweeted.

Screenshots from Twitter showed that one such hacker organisation, ShinyHunters, was sending emails to Rentmojo subscribers.

“We also downloaded terabytes of KYC, which included bank records, passports, ID cards, driver’s licences, and other official documents. However, given their lack of reaction, it appears that RentoMojo is reluctant to pay a dime and would prefer that we release your data publicly, ShinyHunters stated in an email to RentoMojo users.

Multi-factor authentication (MFA), a practise that has been widely used by businesses for a number of years, is now being implemented, according to Bamania. Other procedures, according to the business, include security audits, vulnerability assessments, and a review of all third-party and open-source plugins and interfaces.

In response to questions from Moneycontrol, Bamania verified the new information and stated that its business had reported the event to the relevant authorities and was helping with the investigation.

 

NewsNowNatiion Bureau

Leave a Reply

Your email address will not be published.

Latest

10 Achievable Goals To Set For Your Personal Development

1. Improve your growth mindset Setting goals and achieving them can require changes in your life. To believe that change is possible, you can have an open mind and the awareness to accept any mistakes you might make along the way. You might apply daily affirmations to help you get there, but ultimately, improving your […]

Read More
Latest

American Millionaire Neville Roy Singham Summoned by ED in NewsClick Terror Case

The Enforcement Directorate (ED) has taken a significant step in the ongoing investigation of the News Click terror case by issuing summons to Neville Roy Singham, an American millionaire. Singham, who is currently based in Shanghai, China, has been accused of spreading Chinese propaganda in India. The ED has sent the summons through official channels […]

Read More
Latest

Uttarkashi Tunnel Collapse: New Drilling Machine On Way From Delhi; Fresh Landslide Hampers Rescue Ops

A new American machine is anticipated to arrive in Uttarkashi within the next few hours. Upon its arrival, an Indian Air Force C130 Hercules aircraft will land at an airstrip located approximately 30-35 kilometers away from the incident site.A fresh landslide on Tuesday obstructed ongoing efforts to insert steel pipes through the rubble of the […]

Read More
Powered by Panacea People | Media