DoorDash confirms data breach, customers data exposed


San Francisco, Aug 26 (IANS): Online delivery giant DoorDash has confirmed that it has been hit by a data breach, which has affected several customers and merchants.

The company said it recently became aware that a third-party vendor was the target of a sophisticated phishing campaign and that certain personal information maintained by DoorDash was affected.

"Importantly, the phishing campaign did not compromise sensitive information and we have no reason to believe that affected personal information has been misused for fraud or identity theft at this time," the company said in a blogpost.

"Because we value the trust our users place in us, we are sharing an update on what happened and how we are responding," it added.

DoorDash recently detected unusual and suspicious activity from a third-party vendor's computer network. In response, it swiftly disabled the vendor's access to our system and contained the incident.

"Based on our investigation, we determined the vendor was compromised by a sophisticated phishing attack. The unauthorised party used the stolen credentials of vendor employees to gain access to some of our internal tools," the company said.

"The advanced tactics used appear to be connected to a wider phishing campaign that has targeted a number of other companies. We understand that law enforcement is aware of this campaign and is actively investigating. We have contacted them to offer our support," it added.

The company said the investigation has determined that a small percentage of individuals whose data is maintained by DoorDash was affected in connection with this incident.

 

  

Top Stories


Leave a Comment

Title: DoorDash confirms data breach, customers data exposed



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.