DoorDash, the popular app for ordering food and groceries, disclosed a recent data breach. A social-engineering scam was the culprit. The company’s response claims that there is no indication that any fraud or identity theft have occurred.
Here’s what happened:
- Scope: Unspecified but included customers, employees, and partners.
- Data exposed: Names, phone numbers, email addresses, and physical addresses.
- Breach cause: Social engineering scheme
- Key lesson: Cybersecurity education and awareness are crucial to preventing these attacks. The company noted they will be doing this going forward. Their response also stated they would be enhancing malware monitoring. That is important. However, they should consider data-centric security as an additional cybersecurity pillar.
How Major Corporations Respond
Disappointingly, DoorDash mentioned in their press release to affected users below that they are trying to get better 1% every day, and did not mention the exact procedures taken to keep this from happening again. More about what was said by them on an official level is linked below.
Company notification: https://help.doordash.com/dashers/s/article/Our-response-to-a-recent-cybersecurity-incident?language=en_US
Clearly we’re STILL AT RISK.
Of course your credit card information is stored in a delivery app, right now. And it doesn’t look like they are aggressively protecting our data or security.
Do you know if your work devices are secure? Get help with Engler IT – book a FREE Security Scan to test your devices now: