Furniture rental company Rentomojo has recently identified a security breach that involved unauthorised access to one of their databases. Rentomojo shared this information to all of its users over email “as the company become aware of the breach, we immediately initiated an investigation and engaged leading cybersecurity and legal experts to assist them”.

It appears that the attackers were able to get unauthorised access to Rentomojo’s customer data, including personally identifiable information, by exploiting the cloud misconfiguration through extremely sophisticated attacks, thus breaching one of their databases. However, the company has reassured its customers that the breach has no impact on any financial information like credit cards, debit cards, or UPI as they never store them in their database.

Rentmojo has reported the incident to the appropriate authorities and is cooperating fully with the ongoing investigation. In addition, they have taken immediate steps to fortify their systems to prevent such incidents in the future.

These measures include securing the database and encrypting all information stored in it, strengthening their infrastructure with advanced security practices like Intelligent Threat Detection, Sensitive Data Discovery, and logging IP traffic, implementing multi-factor authentication (MFA) for additional layers of protection, ongoing security audits and vulnerability assessments to identify and mitigate further risks, rotating all the access tokens and updating all passwords immediately, and implementing Endpoint Detection and Response (EDR) for their network. They have also reviewed all the third-party and open-source plugins and integrations.

In the statement, Rentomojo emphasised that protecting customer and business data is their top priority and something they prioritise over everything else. They also reassured their customers that their trust in the company is their top priority, and they are working tirelessly to ensure the highest level of security.

As data breaches continue to be a growing concern for businesses and individuals alike, Rentomojo’s proactive steps to prevent future incidents demonstrate their commitment to protecting their customers’ data.

Furniture rental company Rentomojo has recently identified a security breach that involved unauthorised access to one of their databases. Rentomojo shared this information to all of its users over email “as the company become aware of the breach, we immediately initiated an investigation and engaged leading cybersecurity and legal experts to assist them”.

It appears that the attackers were able to get unauthorised access to Rentomojo’s customer data, including personally identifiable information, by exploiting the cloud misconfiguration through extremely sophisticated attacks, thus breaching one of their databases. However, the company has reassured its customers that the breach has no impact on any financial information like credit cards, debit cards, or UPI as they never store them in their database.

Rentmojo has reported the incident to the appropriate authorities and is cooperating fully with the ongoing investigation. In addition, they have taken immediate steps to fortify their systems to prevent such incidents in the future.

These measures include securing the database and encrypting all information stored in it, strengthening their infrastructure with advanced security practices like Intelligent Threat Detection, Sensitive Data Discovery, and logging IP traffic, implementing multi-factor authentication (MFA) for additional layers of protection, ongoing security audits and vulnerability assessments to identify and mitigate further risks, rotating all the access tokens and updating all passwords immediately, and implementing Endpoint Detection and Response (EDR) for their network. They have also reviewed all the third-party and open-source plugins and integrations.

In the statement, Rentomojo emphasised that protecting customer and business data is their top priority and something they prioritise over everything else. They also reassured their customers that their trust in the company is their top priority, and they are working tirelessly to ensure the highest level of security.

As data breaches continue to be a growing concern for businesses and individuals alike, Rentomojo’s proactive steps to prevent future incidents demonstrate their commitment to protecting their customers’ data.