retail news in context, analysis with attitude

Fast Company reports that delivery service Door Dash has suffered a data breach, saying that it happened "on May 4, 2019, when an unauthorized third party accessed some DoorDash user data. However, DoorDash only discovered the breach earlier this month.

"Approximately 4.9 million consumers, DoorDash delivery workers, and merchants who joined the platform on or before April 5, 2018, are affected … Profile information including names, email addresses, delivery addresses, order history, and phone numbers were accessed in the breach. Passwords were also accessed in the breach, however, they were salted and hashed, which in theory makes them unreadable.

"Some but not all of the DoorDash customers affected had the last four digits of consumer payment cards accessed. However, DoorDash says 'full credit card information, such as full payment card numbers or a CVV, was not accessed'."

The story says that "users who joined DoorDash after April 5, 2018, are not affected."


• Amazon said last week that it has acquired technology startup INLT, which makes software that would allow the retailer's third party vendors to import products into the US, managing both costs and customs clearances. Terms of the deal were not disclosed.
KC's View: