What happened in the Dunzo data breach?
Twingate Team
•
May 9, 2024
In July 2020, Indian delivery service Dunzo experienced a significant data breach. The incident involved unauthorized access to the company's database, which contained a wide range of user information. The breach was discovered on a dark web forum, and the data was later provided to Have I Been Pwned by dehashed.com. In response to the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
How many accounts were compromised?
The breach impacted data related to approximately 3.47 million individuals.
What data was leaked?
The data exposed in the Dunzo breach included device information, email addresses, geographic locations, IP addresses, names, and phone numbers.
How was Dunzo hacked?
In the Dunzo data breach, the servers of a third party that the company works with were compromised, allowing the attacker to gain unauthorized access to Dunzo's database. The specific methods used by the hackers were not detailed in the available sources. As a result of the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
Dunzo's solution
In response to the hacking incident, Dunzo implemented several enhanced security measures to protect its platform and prevent future breaches. These steps included securing all databases and data stores, rotating access tokens, updating passwords as a precautionary measure, tightening infrastructure security, closing vulnerable ports, reviewing and updating access privileges, enabling firewalls and threat intelligence tools for better monitoring, reviewing third-party plugins and integrations, and enhancing logging and tracing across various services to monitor and detect suspicious activity. Additionally, Dunzo collaborated with two external leading cybersecurity firms to further strengthen its security practices.
How do I know if I was affected?
Dunzo has not explicitly mentioned whether they reached out to affected users. However, if you are a Dunzo user and want to check if your credentials were affected, you can visit Have I Been Pwned to verify if your email address has been compromised in a data breach.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Dunzo data breach, please contact Dunzo's support directly.
Where can I go to learn more?
If you want to find more information on the Dunzo data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Dunzo data breach?
Twingate Team
•
May 9, 2024
In July 2020, Indian delivery service Dunzo experienced a significant data breach. The incident involved unauthorized access to the company's database, which contained a wide range of user information. The breach was discovered on a dark web forum, and the data was later provided to Have I Been Pwned by dehashed.com. In response to the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
How many accounts were compromised?
The breach impacted data related to approximately 3.47 million individuals.
What data was leaked?
The data exposed in the Dunzo breach included device information, email addresses, geographic locations, IP addresses, names, and phone numbers.
How was Dunzo hacked?
In the Dunzo data breach, the servers of a third party that the company works with were compromised, allowing the attacker to gain unauthorized access to Dunzo's database. The specific methods used by the hackers were not detailed in the available sources. As a result of the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
Dunzo's solution
In response to the hacking incident, Dunzo implemented several enhanced security measures to protect its platform and prevent future breaches. These steps included securing all databases and data stores, rotating access tokens, updating passwords as a precautionary measure, tightening infrastructure security, closing vulnerable ports, reviewing and updating access privileges, enabling firewalls and threat intelligence tools for better monitoring, reviewing third-party plugins and integrations, and enhancing logging and tracing across various services to monitor and detect suspicious activity. Additionally, Dunzo collaborated with two external leading cybersecurity firms to further strengthen its security practices.
How do I know if I was affected?
Dunzo has not explicitly mentioned whether they reached out to affected users. However, if you are a Dunzo user and want to check if your credentials were affected, you can visit Have I Been Pwned to verify if your email address has been compromised in a data breach.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Dunzo data breach, please contact Dunzo's support directly.
Where can I go to learn more?
If you want to find more information on the Dunzo data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
What happened in the Dunzo data breach?
Twingate Team
•
May 9, 2024
In July 2020, Indian delivery service Dunzo experienced a significant data breach. The incident involved unauthorized access to the company's database, which contained a wide range of user information. The breach was discovered on a dark web forum, and the data was later provided to Have I Been Pwned by dehashed.com. In response to the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
How many accounts were compromised?
The breach impacted data related to approximately 3.47 million individuals.
What data was leaked?
The data exposed in the Dunzo breach included device information, email addresses, geographic locations, IP addresses, names, and phone numbers.
How was Dunzo hacked?
In the Dunzo data breach, the servers of a third party that the company works with were compromised, allowing the attacker to gain unauthorized access to Dunzo's database. The specific methods used by the hackers were not detailed in the available sources. As a result of the breach, Dunzo took several safety measures, including securing all databases, updating passwords, tightening infrastructure security, and enhancing logging and tracing across various services.
Dunzo's solution
In response to the hacking incident, Dunzo implemented several enhanced security measures to protect its platform and prevent future breaches. These steps included securing all databases and data stores, rotating access tokens, updating passwords as a precautionary measure, tightening infrastructure security, closing vulnerable ports, reviewing and updating access privileges, enabling firewalls and threat intelligence tools for better monitoring, reviewing third-party plugins and integrations, and enhancing logging and tracing across various services to monitor and detect suspicious activity. Additionally, Dunzo collaborated with two external leading cybersecurity firms to further strengthen its security practices.
How do I know if I was affected?
Dunzo has not explicitly mentioned whether they reached out to affected users. However, if you are a Dunzo user and want to check if your credentials were affected, you can visit Have I Been Pwned to verify if your email address has been compromised in a data breach.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to the Dunzo data breach, please contact Dunzo's support directly.
Where can I go to learn more?
If you want to find more information on the Dunzo data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions