In a surprising incident, Bengaluru-based grocery startup KiranaPro faced a serious cyberattack — not from outside hackers, but from someone who used to work there.
The former employee, who was recently laid off due to the company’s financial problems, still had access to important systems. He used this access to delete code, cloud logs, and some key backend services, causing the app to crash in early June 2025.
Thankfully, customer data was not stolen, and most of the company’s system was recovered with the help of internal backups. However, the company’s operations were disrupted for a short while. KiranaPro’s CEO, Deepak Ravindran, confirmed the incident and said that legal action has been taken.
Why Did This Happen?
At the time, KiranaPro was already going through tough times — salaries were being delayed, and layoffs had started. Though the company didn’t link the sabotage directly to unpaid dues, the timing suggests that internal frustration may have played a part.
This case is a strong reminder that insider threats can be more dangerous than outsider hackers. Since ex-employees know the company’s systems well, they can do serious damage without needing any hacking tools — just old login details and a grudge.
What Can We Learn?
KiranaPro’s situation teaches important lessons:
- Revoke access immediately when someone leaves the company.
- Use multi-step login systems and track admin-level user activity.
- Keep regular, encrypted backups that can be restored quickly.
- Treat people respectfully during layoffs and transitions to avoid building a toxic culture.
While KiranaPro recovered its systems, the real warning is clear: startups must balance tech with strong procedures and human understanding. One simple mistake can open the door to serious insider damage.
