The company’s databases were compromised including users’ contact details and email addresses. Dunzo has launched an internal investigation, the online news service reported.
While it said users’ credit card numbers were not accessed, the company has not provided how many customers could have been impacted.
So far, investigators revealed the unauthorized access to Dunzo's database may have followed a breach in the servers of a third party, one of its customers.
Dunzo said it has taken steps to secure the gaps in its system and added additional layers of security protocols.
The company operates in Bengaluru, Delhi, Gurugram, Pune, Chennai, Jaipur, Mumbai and Hyderabad, Money Control reported. Google invested a minority stake in the venture in 2017, when it led a $12 million investment round, the report noted.
The 5-year-old startup operates a hyperlocal delivery service, and users can get deliveries of groceries, perishables, pet supplies, prescription drugs and food from restaurants.
Since May, Google users in India have been able to order groceries from Dunzo, allowing the tech giant to effectively enter into the Indian delivery market. The service can be used through Google Pay without the need to download another app.
Under the terms of the deal, the partnership allows Google to use Dunzo’s delivery services, while Dunzo gets access to more than 67 million residents of India who use Google's Pay app.
Last fall, PYMNTS reported Dunzo raised $45 million in a Series D funding round. Google, Lightbox Ventures, STIC Investment, STIC Ventures and 3L Capital participated. At the time, the company was valued at around $200 million. Before the additional funding, Dunzo had raised $81 million.
“We are on course to building the largest commerce platform in the country with the most efficient logistics solution for each city,” said Dunzo’s Kabeer Biswas, co-founder and CEO, in a statement at the time.