Total Meltdown: Cyberattack Wipes Out KiranaPro’s Servers, Code & Customer Data—App Still Live but Broken

KiranaPro Hacked: Cyberattack Destroys App Code, Servers, and User Data

In a chilling reminder of how vulnerable tech startups can be, quick commerce platform KiranaPro—which is integrated with the Indian government’s ONDC (Open Network for Digital Commerce)—has suffered a devastating cyberattack that completely wiped out its servers, app code, and sensitive customer data.

The incident unfolded between May 24 and 25, and by the time the team discovered the breach on May 26, it was already too late. KiranaPro’s core systems hosted on Amazon Web Services (AWS) were gone. Its GitHub codebase was erased. And perhaps most alarming—user data including names, addresses, and payment details vanished.

So how does a company’s entire tech backbone just disappear overnight?

Let’s dive into what really happened.

What Is KiranaPro?

KiranaPro is a quick commerce startup that connects local kiranas (neighborhood stores) to consumers via an e-commerce platform. Its integration with ONDC made it part of a growing ecosystem aiming to decentralize digital commerce in India—think of it as a hyperlocal Amazon alternative.

With fast-growing traction in tier 2 and tier 3 cities, KiranaPro was seen as a promising disruptor.

Now, that promise is hanging by a thread.

The Cyberattack: What Went Down?

According to co-founder and CEO Deepak Ravindran, the cyberattack compromised both the company’s AWS and GitHub accounts.

Here’s what was hit:

• All AWS EC2 virtual machines were deleted
• Source code on GitHub was erased
• User data, including names, addresses, and payment info, is gone
• Root-level access credentials were compromised
• The app is live—but can’t process any orders

In short: the company lost everything that powers its platform. And it appears the attack originated from a familiar source.

Suspected Insider Access: A Former Employee?

Early signs point to the breach coming from credentials linked to a former employee.

GitHub logs reviewed by the company reportedly showed suspicious activity tied to that ex-staffer’s account. It’s possible the account wasn’t deactivated or was reused in a way that gave hackers the backdoor they needed.

This raises serious questions about internal cybersecurity protocols—and whether this breach could have been prevented.

Locked Out of Root Access: No Logs, No Recovery

KiranaPro’s Chief Technology Officer Saurav Kumar confirmed the worst: they no longer have root access to their AWS account. Only IAM (Identity and Access Management) access remains—and that doesn’t give them control over the now-deleted infrastructure.

“We can only log in through the IAM account, through which we can see that the EC2 instances don’t exist anymore, but we are not able to get any logs or anything because we don’t have the root account,” Kumar said.

That means no access to logs, no audit trail, no recovery—nothing.

How Bad Is This?

Let’s break it down:

• App functionality is dead: The app still opens but can’t process anything.
• Data is lost: Sensitive customer info, payment data, and codebase are gone.
• Trust is shattered: Users and partners will be wary of engaging with the platform again.
• ONDC integration is at risk: KiranaPro’s participation in the national network may be suspended or reviewed.
• Financial and legal fallout: Expect lawsuits, regulatory scrutiny, and potential fines over compromised user data.

In short: this is existential.

What Happens Next?

KiranaPro has not released a full public statement yet, but it’s clear that the company is in crisis mode.

Here’s what they’ll need to do—fast:

• Engage cybersecurity experts to assess the damage and prevent further attacks
• Notify affected users and possibly regulators like CERT-In and the Ministry of Electronics and IT
• Rebuild their infrastructure from scratch if backups are available (so far, that’s unclear)
• Launch internal audits to determine how credentials were compromised
• Re-establish trust through transparency and security upgrades

A Wake-Up Call for Indian Startups

The KiranaPro breach is not just a tech glitch—it’s a case study in what happens when cybersecurity is not taken seriously enough.

Many Indian startups, especially in fast-moving sectors like fintech, logistics, and e-commerce, prioritize growth over security in their early stages. This event might finally force founders to invest in:

• Two-factor authentication
• Role-based access control
• Regular security audits
• Strict offboarding procedures for former employees
• Encrypted backups and redundancy systems

The Bottom Line

KiranaPro went from promising ONDC partner to cyberattack victim overnight. What was once a potential unicorn story is now a cautionary tale for the entire startup ecosystem.

The road to recovery will be long—and uncertain. If the company can recover at all.

For now, users are stuck with a non-functional app, and KiranaPro is left scrambling to rebuild a business that essentially disappeared in a matter of hours.