In a world where civil unrest and economic uncertainty are on the rise amid a worldwide pandemic, venture capital firms still find ways to throw ridiculous amounts of money at trendy startups. If you haven't heard, is the latest in a wave of quirky-named food delivery startups spreading across Europe and poking its tendrils towards the US. Gorillas Having raised over to date, Gorillas is currently valued at over $1 billion USD. Investors include the VC firm Fifth Wall, Atlantic Food Labs, and Chinese tech conglomerate Tencent, an interesting choice considering the lack of proprietary technology and rampant security issues plaguing Gorillas. $335 million USD found that even with over $300 million in cash, the tech infrastructure of Gorillas leaks like a sieve. An investigation by German IT Collective Zerforschung Customer data was easily and publicly accessed, including names, email addresses, phone numbers, order details, physical addresses, and even photos of the customers’ front doors taken by delivery workers. Also available were API keys for their SendGrid mailing provider (meaning attackers could send phishing emails and malware to customers from official Gorillas email addresses), as well as for the company Slack channel (meaning attackers could send similarly disruptive messages to employees). How, you may ask, does a “tech unicorn” (and by extension, its investors) manage to screw up this badly? The answer is a two-parter. First, Gorillas doesn’t actually make its own software. They white label an existing courier software created by . This means that they have no direct control over the software, its security, and by extension its customers data. Gorillas is a billion-dollar “tech company” without the tech. Lebanese software developer Eddress Secondly, nobody asked. Even a superficial attempt at due diligence from the investors would have made it glaringly clear that there are some serious problems with security, accountability, and tech infrastructure at Gorillas. But today with VC money spilling out onto the streets, being fast and being first has become more important than fundamental value, it seems like nobody has time for crossing their T’s and dotting their I’s anymore. The underlying issues don’t stop there. While numbers haven’t been made public, CEO Kağan Sümer has said in that the company needs a significant increase in average order size to reach profitability. On top of that, the lack of proprietary tech infrastructure makes increasing losses through food waste and delivery logistics an inevitability as the company grows in size and increases the number of their warehouses around the world. an interview with entrepreneurial podcast OMR Gorillas, however, is simply the symptom of a disease of culture, attitude, and strategy that permeates the modern tech sector. It’s not the first pump-and-dump tech unicorn propped up by investor money, and it won’t be the last. Value investing and proper due diligence has taken a backseat to investor FOMO and it shows. Until the industry matures enough to realize that short-term profits and quarterly shareholder reports aren’t a substitute for well-built companies with long-term growth, we’ll keep seeing the same old story of data leaks and ivory towers built on an illusory foundation. And the users, as always, get the short end of the stick.

Fomo

Data Leak of $1B “Tech Unicorn” Gorillas Shows How Far Venture Capital Has Fallen

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

108 Stories To Learn About Cybersecurity Tips

10 Ways to Mitigate Cybersecurity Risks and Prevent Data Theft

10 Tips For Securing Zoom Meetings

10 Things I Did To Increase CloudTrail Logs Security

10 Steps to Ensuring Cyber Security for a Small Business

10 Common Java Vulnerabilities Every Security Engineer Should Know

108 Stories To Learn About Cybersecurity Tips

10 Ways to Mitigate Cybersecurity Risks and Prevent Data Theft

10 Tips For Securing Zoom Meetings

10 Things I Did To Increase CloudTrail Logs Security

10 Steps to Ensuring Cyber Security for a Small Business

10 Common Java Vulnerabilities Every Security Engineer Should Know

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps