Furniture rental platform, Rentomojo, has undergone a security data breach that exposed customer data, including personally identifiable information in some cases. 

“It appears that the attackers were able to get unauthorised access to our customer data, including in some cases personally identifiable information,” said CEO Geetansh Bamania in an e-mail sent to customers on Wednesday night. businessline has reviewed the e-mail.

However, the company assured that the breach did not comprise customers’ financial information such as credit cards, debit cards or UPI, as these details are never stored in Rentomojo’s database.

Also read: OpenAI admits data breach at ChatGPT, private data of premium users exposed

“Upon becoming aware of the breach, we immediately initiated an investigation and engaged leading cybersecurity and legal experts to assist us. We have also taken immediate steps to fortify our systems to prevent such incidents in the future,” Bamania added.

Some of these measures include rotating all access tokens and updating all passwords, reviewing all third-party and open-source plugins and integrations, and implementing multi-factor authentication (MFA) for additional layers of protection, among others. 

“While we are still investigating, we believe it is our responsibility to inform you first. Protecting customer and business data is of top priority for us and is something we prioritise over everything and anything,” said Bamania.

Also read: HDB Financial Services flags data breach at service provider