Now Delivering Data Breaches
By Hodgson Consulting & Solutions | September 30, 2019
DoorDash, a popular food delivery application, experienced a data breach that exposed data from 4.9 million customers. As reported by Wired:
“DoorDash, a takeout delivery company, confirmed a data breach on Thursday almost five months after it occurred on May 4, and a year after some users started complaining that their accounts had been inexplicably compromised. The company said that the incident exposed data from 4.9 million users, merchants, and delivery workers. Users who made accounts after April 5, 2018 were not affected by the breach. DoorDash said that the incident occurred through a third-party service. The breach compromised names, email addresses, order histories, phone numbers, delivery addresses, and hashed and salted passwords. Hackers also grabbed the last four digits of some user credit cards, but not the complete numbers or card verification values (CVV). Hackers also accessed the last four digits of some merchants' and delivery workers' bank account numbers. The cherry on top is that the hackers also stole the driver's license numbers of about 100,000 delivery workers.” (wired.com, 2019)
DoorDash is used by millions of merchants, drivers, and customers. None of which expected that their accounts could or would turn them into victims. You should always take precautions when using any application that requires your personal and/or financial information. Also always be alert of what balances are ingoing and outgoing through the app, as well as any associated fees. This way you are less likely to fall for phishing scams, such as the one that occurred with Restaurant Depot just recently. Restaurant Depot is a commercial food service wholesaler. And as reported by SC Magazine, “Restaurant Depot customers received phishing emails asking for payment of an outstanding invoice or else the company would deduct the balance from their accounts.” (scmagazine.com, 2019) Suspicious Restaurant Depot users began tweeting the company to gain further information about the fishy emails. The restaurant responded; letting users know that they were aware of the “pretty big breach”, and instructed them to discard the emails without opening. That is good advice for those users who were aware enough to question the source of the emails. However, for those who may have opened the emails, or worse – those who followed the requested actions, research and recuperation will be necessary.
How it Could Affect You:
We are all practically glued to our mobile devices and the concept of convenience these days. We don’t often step back to pay close attention to what those conveniences could be costing us. Hackers always have their plans in play. So it’s up to us to make sure that we aren’t caught lacking when it comes to our own cybersecurity.
Don’t let hackers feed off of your hunger. These kinds of breaches can affect you by:
- Jeopardizing your credit/banking information if you have you accounts directly linked to these dining applications.
- Placing your well-being in harm’s way, as hackers may have obtained addresses of those affected by these breaches.
- Creating future and ongoing risks, should your financial credentials, physical address, or any other obtained information be sold for profit via these hackers.
For us, food is a necessity, but don’t let hackers feed off of your hunger. As seen by these recently reported breaches, the food industry has become another breeding ground for cybersecurity hacks.
Here at Hodgson Consulting & Solutions, we specialize in securing data and information loss prevention for companies with multiple locations and/or a remote workforce. Contact us to receive a FREE 17-Point Confidential Technology Security Consultation and learn more about our Managed Security Service Plans.