
XKart India Limited,

35 Bellandur Road,
Marathahalli,
Bengaluru 560037

To
Mr. [●]
Indian Computer Emergency Response Team (CERT-In),
Ministry of Electronics and Information Technology (MeitY),
Electronics Niketan,
6, C.G.O. Complex Lodhi Road,
New Delhi,
PIN-110003

Subject: Data Breach Notification: Ransomware Attack Incident

Dear [●],

We regret to inform you that our company, X Kart India Limited, has experienced a significant data breach due to a ransomware attack on our systems. We are reporting this
incident to comply with the data breach reporting obligations outlined in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal
Data or Information) Rules, 2011.

Details of the Incident:


On 21st February, 2024 at 9:52 am, our systems were compromised by a sophisticated ransomware attack, which resulted in the encryption of critical customer
databases. Despite having backups, the attackers have threatened to release the compromised data publicly unless a ransom is paid. We are taking immediate steps to
contain the breach and mitigate its impact on our customers.

The data affected by this breach includes:


a. Customer names
b. Shipping addresses
c. Email addresses
d. Phone numbers
e. Purchase history
f. Partial credit card information (last 4 digits, expiration date)

Upon discovery of the breach, our incident response team initiated an investigation to assess the extent of the compromise and identify the affected individuals. We have
engaged cybersecurity experts to assist us in containing the attack, restoring affected systems, and enhancing our security measures to prevent future incidents.

We understand the gravity of this situation and assure you that we are committed to safeguarding the privacy and security of our customers' data. We are implementing
additional security measures and strengthening our defenses to prevent similar incidents in the future.

Should you require any further information or assistance regarding this matter, please do not hesitate to contact us.

Sincerely,
Mr Nidayan Mukherjee
Privacy Manager,
XKart India Limited

PS: Please find attached the Incident Reporting Form to be submitted to CERT-In in case of a cyber attack
Incident Reporting Form

I am:  the affected entity  reporting incident affecting other entity


Contact Information of the Reporter
Name & Role/Title  Individual  Organization

Organization name (if any) X Kart India Limited

Contact No. 9324789241 Email: xkartindia@gmail.com


Address: X Kart Limited,
35 Bellandur Road,
Marathahalli,
Bengaluru 560037

Basic Incident Details


Affected entity (if not same as reporting entity above):

Incident Type:

Targeted scanning/probing of critical networks/systems
Compromise of critical systems/information
Unauthorized access of IT systems/data
Defacement or intrusion into the website
Malicious code attacks
Attack on servers such as Database, Mail and DNS and network devices such as Routers
Identity Theft, spoofing and phishing attacks
 DoS/DDoS attacks
Attacks on Critical infrastructure, SCADA and operational technology systems and Wireless networks
Attacks on Application such as E-Governance, E-Commerce etc.
 Data Breach
 Data Leak
Attacks on Internet of Things (IoT) devices and associated systems, networks, software, servers
Attacks or incident affecting Digital Payment systems
Attacks through Malicious mobile Apps
Fake mobile Apps
Unauthorized access to social media accounts
Attacks or malicious/suspicious activities affecting cloud computing systems/servers
Attacks or malicious/suspicious activities affecting systems/servers/networks/software/applications related to Big Data, Block chain, virtual assets, virtual asset exchanges, custodian wallets, Robotics, 3D and 4D Printing, additive manufacturing, Drones
Attacks or malicious/suspicious activities affecting systems/servers/software/applications related to Artificial Intelligence and Machine Learning
 Other (Please Specify) ----------------------------------------------------------

Is the affected system/network critical to the organization’s mission? (Yes / No). (Brief details.)

Yes.

As an online retailer, our digital infrastructure plays a critical role in facilitating our business operations and serving our
customers. The affected systems are integral to our mission of providing a seamless and secure online shopping experience to
our customers.
The ransomware attack has targeted key databases containing sensitive customer information, including names, addresses,
contact details, purchase history, and partial credit card information. These databases are essential for processing orders,
managing customer accounts, and ensuring the timely delivery of products to our customers.

Furthermore, the compromised systems also house critical business data and operational information necessary for
inventory management, supply chain logistics, and financial transactions. The disruption caused by the ransomware attack
has significantly impacted our ability to fulfill orders, manage inventory, and maintain business continuity.

Basic Information of Affected System (Provide information that is readily available.)

Domain/URL: https://XKart.com/
IP Address: 192.158.1.38
Operating System: WooCommerce
Make/ Model/Cloud details:
Affected Application details (If any):
Location of affected system (including City, Region & Country): Bangalore, Marathahalli, India
Network and name of ISP: BSNL


Brief description of Incident:

Occurrence date and time: 21/06/2024/09:52
Detection date and time: 21/06/2024/10:15

The ransomware attack targeted our organization, compromising critical customer databases containing sensitive
information. The attackers encrypted the data, rendering it inaccessible to the retailer, and subsequently demanded a
ransom payment for its decryption. Although the company had backups in place, the attackers threatened to publicly release
the compromised data unless their ransom demands were met. The potentially compromised data includes a range of
personal and transactional information, such as customer names, shipping addresses, email addresses, phone numbers,
purchase history, and partial credit card information (last 4 digits and expiration date). This attack poses significant risks to
the affected customers, as their personal and financial information may be exposed to unauthorized parties, leading to
potential identity theft, fraud, and other malicious activities.

Note: (i) This form provides general guidance in terms of information which could be relevant to the incident.
(ii) It is not mandatory to fill and/or sign this form. Incidents may also be reported by providing relevant information in the communication itself or in any other readable form.
(iii) Reporting entity may, if desired, also provide relevant information other than mentioned in this form.

Mail/Fax incident reports to: CERT-In, Electronics Niketan, CGO Complex, New Delhi 110003 Fax:+91-11-24368546 or email at: incident@cert-in.org.in
