Food delivery startup InnerChef hacked; partial user data leaked

The hacker was apparently trying to extract vengeance from InnerChef founder Rajesh Sawhney

Food delivery startup InnerChef has allegedly become the target of a cyber attack, with the hackers having gotten their hands on an unknown number of names, phone numbers and email addresses of users of the service.

In an e-mail sent to Gadgets 360, the hacker partially disclosed the details of a few users in order to show off his/her conquests. The publication claims that it verified the data of three people who did turn out to be users of InnerChef's services.

"InnerChef is an Indian startup that got funding but despite all that, their security sucks. This funded startup doesn't care about customer data and only about money, growth, and orders," the hacker wrote in the e-mail to Gadgets 360.

 

From the mail exchange it seems that the hacker is out to extract vengeance from InnerChef founder Rajesh Sawhney, who he/ she alleges kicked out co-founders of the company. The hacker refers to them as "loved ones" and said he would keep up the hack by not disclosing in which part of the code he had injected the bug.

This isn't the first time an Indian startup has been pulled up for lack of best practices when it comes to security. Ride hailing service Ola too had become the victim of one such exploit where the hacker was able to recharge his wallet with seemingly infinite amount of funds. When contacted about the vulnerabilities by the hacker, the company's failed to respond appropriately.