DoorDash customers, delivery drivers, and partnered restaurants have had some of their personal information exposed in a recent data breach, confirmed by the food delivery platform.
Last week, the delivery app confirmed the incident in an article on its help center, stating that hackers stole the names, contact information, and physical addresses of customers, dashers, and merchants on the platform. The company assures that no sensitive information, such as payment details, were included in the compromised data.
At this time, it’s unclear how many people and businesses have been affected. The cause of the attack has been revealed to be a social engineering scam that targeted a DoorDash employee. DoorDash has notified affected individuals and businesses.
(–Source: USA Today on MSN
Read More: DoorDash says personal information of customers, dashers stolen in data breach )
Sportswear brand Under Armour appears to be experiencing a data breach after the notorious Everest ransomware gang posted a sample of data supposedly belonging to customers of the brand on a dark web leak site.
The group claims to have 343GB of data containing a variety of information belonging to both clients and employees of Under Armour. In the post, Everest has included a countdown timer with a message to Under Armour to contact them within 7 days.
(–Source: TechRadar on MSN
Read More: Hackers claim to have hit Under Armour in massive data breach – here’s what we know, and how you can stay safe )
A zero-day vulnerability in a third-party software system has lead to a data breach involving data from Logitech’s internal IT system.
The Cl0p ransomware gang has taken credit for the attack in a dark web leak site post. There is not yet any confirmation of how much data was exposed or what information is included in the leak, but Cl0p claims to have 1.8TB of the company’s data.
It’s likely that the stolen information includes “limited information about employees and consumers,” with sensitive personal information still being secure, as it is stored in a different server. Investigation is ongoing.
(–Source: CPO Magazine
Read More: Logitech Confirms Data Breach After Cl0p, Linked to Oracle E-Business Suite Exploits, Takes Responsibility – CPO Magazine )
After a ransomware attack earlier this year, the Pennsylvania Office of the Attorney General has disclosed that it is suffering from a data breach following the incident.
After confirming the ransomware attack in August, The Inc Ransom group claimed responsibility for the attack in late September, stating that they have 5.7 TB of data and “access to internal network of FBI.”
Investigation is still ongoing, but the OAG confirmed that some files containing sensitive personal information were accessed. It’s currently unknown how many people are affected.
(–Source: Security Week
Read More: Pennsylvania Attorney General Confirms Data Breach After Ransomware Attack – SecurityWeek )
