If you thought September would roll by without a significant data breach, you were wrong. The firm targeted in this most recent breach is DoorDash, which is a specialist delivery service platform.
The company confirmed in an official statement that it began to notice unusual activity involving one of its third-party service providers, which prompted it to do some further investigation.
That process yielded the rather concerning discovery that a security breach was able to compromise the data of an estimated 4.9 million customers. The data stolen included names, contact numbers, email addresses and physical addresses, as well as passwords linked to their accounts.
DoorDash has since advised its users to change their passwords, adding that the last four digits of some payment cards and back accounts were stolen too. The firm does stress, however, that no full credit card, CVV or complete bank account details were stolen during the breach.
It adds that roughly 100 000 DoorDash drivers also had their information compromised in the security breach.
As for what precautions it has taken, DoorDash has stated the following:
“We have taken a number of additional steps to further secure your data, which include adding additional protective security layers around the data, improving security protocols that govern access to our systems, and bringing in outside expertise to increase our ability to identify and repel threats,” the firm’s statement says.
“We are reaching out directly to affected users with specific information about what was accessed. We do not believe that user passwords have been compromised, but out of an abundance of caution, we are encouraging all of those affected to reset their passwords to one that is unique to DoorDash,” it concludes.
With data breaches now commonplace these days, it should be interesting to see how this latest one affects the popularity of the DoorDash service. Either way, we could see more people decide to pick up their take away instead of having it delivered via a app or service.