Google News 09/29: DoorDash suffers a data breach

Spotlight on cyber security

Earlier this week, the food delivery startup DoorDash announced that a ‘third-party service provider’ had accessed the user data of millions of their customers, drivers, and vendors in a security breach last May.

Addresses, birth dates, credit card information, hashed passwords, and driver’s license numbers were some of the sensitive information exposed to potential hackers, although it wasn’t enough to access bank and credit card accounts. Users who made their profiles after April 5th, 2018 weren’t affected.

Speaking candidly, DoorDash co-founder Peter Goldstein said:

DoorDash’s data breach — which exposed names, email addresses, delivery addresses, order history, phone numbers, and hashed passwords — puts close to 5 million people at an increased risk for phishing attacks and other fraudulent activity.

Despite these potential damages, like many other companies, DoorDash is protected by user agreements which shield them from class-action lawsuits. Because data breaches are relatively common, many tech companies operate under the assumption that one will inevitably occur.

When it comes to the existence of vulnerabilities in their security systems, companies have two options. Either they…