Fired KiranaPro Staff Deleted Entire Code & Data: A Wake-Up Call for Startups
In a shocking incident, KiranaPro, a startup that operates in the e-commerce space, has suffered a major data breach after a former employee deleted the entire code and data of the company. This incident has sent shockwaves among startup founders and HR professionals, highlighting the importance of proper employee off-boarding and access control.
According to a report by TechCrunch, the ex-employee, who was fired by the company, had access to KiranaPro’s credentials due to the lack of a full-time HR department. This allowed him to delete the company’s entire code and data, causing chaos and disruption to the startup’s operations.
KiranaPro’s CEO, Deepak Ravindran, shared a GitHub email that confirmed the ex-employee’s credentials were used to delete the company’s code and data. Ravindran took to social media to share the email, stating that the company was still trying to figure out the extent of the damage caused by the data breach.
The incident has left KiranaPro’s employees and customers in the dark, with salaries delayed and operations disrupted. The company’s CTO, Saurav Kumar, explained that the employee off-boarding process was not being handled properly, which led to the ex-employee still having access to the company’s credentials.
This incident serves as a wake-up call for startups to prioritize employee off-boarding and access control. With the increasing use of cloud-based services and remote work, it’s essential for companies to have a robust process in place to ensure that employees no longer have access to company resources and data after they leave the organization.
The lack of a full-time HR department at KiranaPro is a common issue faced by many startups. Many startups operate on a lean budget, and HR functions are often handled by other team members or outsourced to third-party providers. However, this can lead to a lack of expertise and oversight in critical areas like employee off-boarding and access control.
The KiranaPro incident highlights the need for startups to prioritize HR functions and invest in employee management tools and processes. By doing so, startups can reduce the risk of data breaches and ensure business continuity in the event of an employee leaving the organization.
In addition to prioritizing HR functions, startups should also consider implementing robust access controls and data encryption to protect their data. This includes limiting access to sensitive data and applications to authorized personnel only, and using encryption to protect data both in transit and at rest.
The KiranaPro incident also raises questions about the role of GitHub in the data breach. GitHub is a popular platform for developers to share and collaborate on code, but it’s also a potential attack vector for hackers. In this case, the ex-employee used his GitHub credentials to delete the company’s code and data. This highlights the need for developers to use strong passwords and two-factor authentication to secure their GitHub accounts.
The KiranaPro incident is a sobering reminder of the importance of employee off-boarding and access control in startups. By prioritizing these functions and investing in employee management tools and processes, startups can reduce the risk of data breaches and ensure business continuity in the event of an employee leaving the organization.
Sources:
