DoorDash is the latest company to suffer a major data breach. Over 4.9 million DoorDash customers have been affected by the breach with physical addresses, names, and email addresses being compromised. With data breaches becoming more frequent occurrences, customers and companies need to protect themselves.
“The DoorDash breach highlights the inherent risks in trusting your supply chain partners. It’s critical not only to hold suppliers accountable for meeting minimum data security standards, but also to require transparency and disclosure when incidents occur,” said Mark Orlando, CTO of Cyber Protection Solutions, Raytheon Intelligence, Information and Services.
In the case of DoorDash, data was accessed on May 4th, but reports have just recently surfaced. “While it’s unclear whether or not the third-party source of the breach contributed to the more than 5 month delay in reporting the incident, DoorDash has undoubtedly incurred additional reputational damage as a result of that delay,” said Orlando.
DoorDash is among a variety of other organizations that have been hit by data breaches including hospitals and banks. “This breach is just one more example of how little control end users have over their data once they give it to a vendor or service provider. In the new app economy, vendors routinely outsource business functions in ways that aren’t obvious (or even visible at all) to the end-user,” said Orlando. “Obviously there is much more work to be done to enforce minimum standards for safeguarding payment data and other sensitive personal information.”
National Cybersecurity Awareness Month, beginning in October focuses on the protection and security of data for citizens, consumers, and businesses like DoorDash. Retail Technology Insider will be covering stories throughout the month on how retailers can improve their cyber hygiene and decrease the risk for cyber crimes and data breaches.