Thursday, March 28, 2024

Hackers Stole 4.9 Million Users Data from Food Delivery Service DoorDash

DoorDash announced a data breach that impacts 4.9 million consumers, Dashers, and merchants who signed up with the platform on or before April 5, 2018.

The company has learned an unusual activity earlier this month, they have launched an investigation with assistance from external security researchers. The investigation determines an unauthorized third party to DoorDash user data on May 4, 2019.

What are the DoorDash Data Exposed

The company has not provided any details about how the hackers gain access to the data stored and they confirmed that they have blocked the unauthorized user.

Exposed data includes names, email addresses, delivery addresses, order history, phone numbers, as well as hashed, salted passwords, last four digits of payment card details, last four digits of bank account numbers 100,000 Dashers driver license.

According to the report, not all the customers who joined before April 5, 2018, are affected. Also the companies no user joined after April 5, 2018, were affected.

“We took immediate steps to block further access by the unauthorized user and to enhance security across our platform.”

“We do not believe that user passwords have been compromised and the information accessed is not sufficient to make fraudulent charges on payment cards or fraudulent withdrawals from bank accounts.” DoorDash said.

The company started notifying affected users, if you are the one affected then it is recommended to reset their DoorDash password associated with the DoorDash account.

DoorDash is a San Francisco–based food delivery service found in 2013, the company delivers door-to-door delivery from restaurants on-demand.

Related Coverage

Biometric Security Platform Data Breach Leaked Millions of Users Facial Recognition & Fingerprinting Data

British Airways Facing £183.39 Million Fine Under GDPR for 2018 Data Breach

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Website

Latest articles

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles