Fired Techie Wipes Former Employer's Servers in Major Insider Sabotage

Grocery-tech startup KiranaPro suffered a severe data breach after a disgruntled former employee allegedly wiped critical company data, including app code and customer information.

Initially suspected to be a cyberattack, the June 3 incident was confirmed by co-founder Deepak Ravindran to be insider sabotage.

The breach, which occurred between May 24–25, compromised root access to KiranaPro’s AWS and GitHub accounts. All EC2 instances were deleted, despite multi-factor authentication safeguards.

An internal probe identified the perpetrator as Lava Kumar, a trusted ex-employee fired earlier.

"This was not a hack. No external party exploited vulnerabilities or bypassed security protocols. Instead, it was an internal data breach by someone who had legitimate access to our systems," Ravindran said.

Though GitHub data was later restored from backups and customer data remained intact, the app was only partially functional.

Ravindran said police action is being pursued.

In parallel, KiranaPro faces criticism over delayed salaries.

Ravindran acknowledged payment lapses, citing internal delays, but said most dues have now been settled.

The startup is rebuilding its systems and claims to be stabilising financially.

The startup, part of the Indian government’s Open Network for Digital Commerce (ONDC), was serving 55,000 customers in 50 cities and handling 2,000 orders a day.