11.4 C
London
Thursday, September 29, 2022

DoorDash hit by data breach linked to Twilio hackers – londonbusinessblog.com

Must read

Ian is expected to make landfall again as a hurricane, this time in South Carolina.

North Carolina and South Carolina were on alert Thursday as Ian headed for them after cutting a path of destruction through Florida and regaining...

Binance Founder Changpeng ‘CZ’ Zhao Shares His Vision of Web3 Capabilities at TC Sessions: Crypto • londonbusinessblog.com

When it comes to the decentralized world of crypto, there are few single entities that are bigger or hold more weight in the industry...

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...

Autodesk and Epic Games Bring Architecture Tools Immersion

While Autodesk architecture software like Revit is capable of creating 3D design plans, the collaboration introduces easy-to-use tools for designers, with features typically more...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Hackers gained access to DoorDash customer information and some partial payment details

Meal Delivery Giant DoorDash has confirmed a data breach exposing customers’ personal information.

In a blog post shared with londonbusinessblog.com ahead of its release at market close, DoorDash said malicious hackers stole credentials from employees of a third-party vendor that were then used to access some of DoorDash’s internal tools.

DoorDash said the attackers had access to the names, email addresses, delivery addresses and phone numbers of DoorDash customers. For a “smaller subset” of users, hackers have been able to access partial payment card information, including card type and the last four digits of the card number.

For DoorDash deliverers or Dashers, hackers have gained access to data that “mainly includes name and phone number or email address”. Users of Wolt, the Helsinki-based online ordering and delivery company acquired by DoorDash last year, will not be affected.

DoorDash says a “small percentage” of users were affected by the incident, but declined to say how many users it currently has or give an accurate number of affected users.

The company said it had shut down the third-party vendor’s access to its systems after discovering “unusual and suspicious” activity.

DoorDash did not name the third-party vendor, which “provides services that require limited access to some internal tools,” said DoorDash spokesperson Justin Crowley, but confirmed to londonbusinessblog.com that the vendor’s breach is related to the phishing campaign that targets text and messaging. jeopardized giant Twilio on August 4. Researchers linked these attacks to a broader phishing campaign by the same hacking group called “0ktapus,” which has stolen nearly 10,000 employee credentials from at least 130 organizations, including Twilio, Signal, internet companies and outsourced customer service providers, since March.

DoorDash wouldn’t say when it discovered it had been hacked, but the spokesperson said the company took the time to “fully investigate what happened, which users were affected and how they were affected” before making the data breach public.

DoorDash says that since the discovery of the compromise, the company has hired an unnamed cybersecurity expert to assist with the ongoing investigation and is taking action to “further improve DoorDash’s already robust security systems.”

This isn’t the first time hackers have stolen customer data from DoorDash’s systems. In 2019, the company reported a data breach affecting 4.9 million customers, deliverers and merchants whose information was stolen by hackers. It also blamed an unnamed third-party service provider.

Read more:

From the archives:

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Ian is expected to make landfall again as a hurricane, this time in South Carolina.

North Carolina and South Carolina were on alert Thursday as Ian headed for them after cutting a path of destruction through Florida and regaining...

Binance Founder Changpeng ‘CZ’ Zhao Shares His Vision of Web3 Capabilities at TC Sessions: Crypto • londonbusinessblog.com

When it comes to the decentralized world of crypto, there are few single entities that are bigger or hold more weight in the industry...

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...

Autodesk and Epic Games Bring Architecture Tools Immersion

While Autodesk architecture software like Revit is capable of creating 3D design plans, the collaboration introduces easy-to-use tools for designers, with features typically more...

What Bruce Lee can teach us about the benefits of conflict

Opinions expressed by londonbusinessblog.com contributors are their own. Can business leaders argue that employees are their greatest asset without providing ongoing forums for open exchange...