Data breach at furniture rental business Rentomojo

Data breach at furniture rental business Rentomojo

The business said that it is considering all available alternatives, including legal avenues, to lessen the impact of the incident.

Rentomojo, a marketplace for rental furniture and motorcycles, announced a data breach on April 20 that most likely exposed the private data of over a lakh clients.

Geetansh Bamania, CEO and co-founder of the Bengaluru-based business, wrote to the company’s subscribers in an email to say that the company was considering all alternatives, including legal avenues, to lessen the impact of the breach.

“It appears that the attackers breached one of our databases by taking advantage of the cloud misconfiguration through incredibly sophisticated attacks and gaining unauthorised access to our customer data, including in some cases personally identifiable information. We guarantee that this won’t affect any financial data, such as credit card, debit card, or UPI information because we never save it in our database, Bamania wrote in an email to clients that Moneycontrol has seen.

Several clients said that hacking organisations had sent them emails demanding a ransom. Sensitive client information would go public if their demands weren’t met.

“My private data was exposed as a result of the data breach at Rentomojo. Now, hackers are extorting my personal information. This is a significant compromise of security and privacy, a user tweeted.

Screenshots from Twitter showed that one such hacker organisation, ShinyHunters, was sending emails to Rentmojo subscribers.

“We also downloaded terabytes of KYC, which included bank records, passports, ID cards, driver’s licences, and other official documents. However, given their lack of reaction, it appears that RentoMojo is reluctant to pay a dime and would prefer that we release your data publicly, ShinyHunters stated in an email to RentoMojo users.

Multi-factor authentication (MFA), a practise that has been widely used by businesses for a number of years, is now being implemented, according to Bamania. Other procedures, according to the business, include security audits, vulnerability assessments, and a review of all third-party and open-source plugins and interfaces.

In response to questions from Moneycontrol, Bamania verified the new information and stated that its business had reported the event to the relevant authorities and was helping with the investigation.

 

Leave a Reply

Your email address will not be published.

Latest

Arambam: Rakul Preet’s Nutrient-Rich Haven in Hyderabad

Arambam, the newest addition to Hyderabad’s culinary scene, where millets take center stage in a celebration of health and flavor. Rakul Preet Singh, the Bollywood actress, invites you on a gastronomic journey that combines ancient grains with modern culinary delights. Millets have gained widespread recognition as a superfood, thanks to their nutritional richness. From pearl […]

Read More
Latest

Supreme Court Imposes Rs 5 Lakh Cost on Wife’s Father for Filing False Cases to Harass Husband

  The recent ruling by the Supreme Court imposing a cost of Rs 5 lakhs on a wife’s father for lodging false Section 498A IPC cases against the husband at different places to harass him is a significant development in the realm of legal justice. This decision sheds light on the misuse of legal mechanisms […]

Read More
Latest

The Meteoric Rise of Minimalist: Building an INR 100 Cr Business in Eight Months

  In the ever-evolving landscape of the beauty and personal care industry, the emergence of direct-to-consumer (D2C) brands has been nothing short of revolutionary. Among these trailblazers stands Minimalist, a Jaipur-based startup founded by siblings Mohit and Rahul Yadav, which has swiftly climbed the ladder to achieve an impressive INR 100 Cr revenue mark within […]

Read More