I'm Deepak Ravindran, founder of KiranaPro, a quick commerce startup in India serving thousands of small retailers and consumers. Last week, we were the victims of a devastating and deeply targeted cyberattack.
Our private GitHub repo (connected to our AWS infra) was compromised. The attacker deleted our core application code and simultaneously used those credentials to wipe out our AWS EC2 servers and backups.
Here’s why I’m writing to you all:
GitHub support has been slow to respond with critical data like access logs and IP trace timestamps.
We're seeking help from anyone who’s previously worked with GitHub on escalated cases or has contacts inside GitHub who can accelerate traceability and security logs before the trail goes cold.
We’ve filed an FIR (Indian cybercrime complaint) and have a legal case in motion, but GitHub cooperation is key to identifying the actor behind this.
We’re transparent about this because it’s not just about us — this is a broader threat to small startups depending on centralized infrastructure.
If you can introduce us to someone at GitHub security or help escalate this internally, please reach out:
deepak@kirana.pro
@deepakravindran on Twitter
I never imagined I’d write something like this here, but I know the strength of this community. Thanks in advance — we’ll pay it forward.
deepakravindran•8mo ago
Our private GitHub repo (connected to our AWS infra) was compromised. The attacker deleted our core application code and simultaneously used those credentials to wipe out our AWS EC2 servers and backups.
Here’s why I’m writing to you all:
GitHub support has been slow to respond with critical data like access logs and IP trace timestamps.
We're seeking help from anyone who’s previously worked with GitHub on escalated cases or has contacts inside GitHub who can accelerate traceability and security logs before the trail goes cold.
We’ve filed an FIR (Indian cybercrime complaint) and have a legal case in motion, but GitHub cooperation is key to identifying the actor behind this.
We’re transparent about this because it’s not just about us — this is a broader threat to small startups depending on centralized infrastructure. If you can introduce us to someone at GitHub security or help escalate this internally, please reach out: deepak@kirana.pro @deepakravindran on Twitter
I never imagined I’d write something like this here, but I know the strength of this community. Thanks in advance — we’ll pay it forward.
— Deepak