RentoMojo Massive Data Breach
RentoMojo, A Furniture and Motorbike renting marketplace, reported a data breach on 20 April that will compromise over one lacs customers of sensitive data.
The company’s CEO, Geetansh Bamania, said in an email to subscribers. We are taking legal routes to reduce the impact of the breach. Also, he said, it looks like attackers were able to get unauthorized access to the customer’s data by exploiting the cloud misconfiguration through attacks. But we assure you that financial information like debit cards, UPI, and credit cards are safe, as we don’t store financial information in our databases.
Several platform users tweeted that the hackers‘ group emailed them and demanded ransom. Otherwise, they would publicize their sensitive data.
One user shared that, Platform data breach led to the disclosure of confidential data. Hackers are now blackmailing me into releasing my data publicly, and Seriously this is a severe breach of security and privacy.
ShinyHunters is a hacker group that emails innocent users to ask for money for their confidential data.
They wrote an email to the users. We have downloaded terabytes of users’ data, including KYC, bank documents, passports, cards, driving licenses, etc. Unfortunately, Rentomojo is unwilling to pay a single penny. Due to a lack of response from their end, we will share your data publicly.
The company’s CEO said We are adding Multi-Factor Authentication (MFA) to add extra layers of security to the platform. It is a most common practice by the companies that have been followed for several years. We also review all the third parties plugins and integrations and do security audits and various measurements to ensure the platform’s security.
