Furniture and electronics rental startup Rentomojo was hit by a cyberattack that has led to a breach of customers' personal data, the company said in an email sent to customers on April 20. "It appears that the attackers were able to get unauthorised access to our customer data, including in some cases personally identifiable information by exploiting the cloud misconfiguration through extremely sophisticated attacks, thus breaching one of our databases. We assure you that this has no impact on any financial information like Credit cards, Debit cards or UPI as we never store them in our database." — Geetansh Bamania, CEO and Co-founder, Rentomojo Some Rentomojo users have taken to Twitter to allege that the hackers, going by the name Shiny Hunters, have emailed them threatening to make the breached data public. Contrary to Rentomojo's statement, the hackers also claim to have access to certain financial data of users. https://twitter.com/OddGoanOut/status/1648664804931018752?s=20 https://twitter.com/rajkstats/status/1648756087318007809?s=20 https://twitter.com/ronakhappiness/status/1648717163686141953?s=20 We have emailed Rentomojo asking for more details on how many users are affected by the breach and what types of personal data have been compromised. Why does this matter: Data breaches give the attackers valuable information that they can either sell in the black market or use themselves to carry out sophisticated scams against users. When sold in the black market, the breached data can further be combined with other leaked data to create comprehensive user profiles. What measures has Rentomojo taken following the breach: "Upon becoming aware of the breach, we immediately initiated an investigation and…
You must be logged in to post a comment Login