DoorDash Confirms Data Breach Following Social Engineering Attack
SAN FRANCISCO – DoorDash has confirmed a data breach stemming from a sophisticated social engineering attack targeting its employees. the company disclosed the incident in a recent post, stating it has referred the matter to law enforcement and implemented enhanced security measures.
The breach involved unauthorized access to certain DoorDash systems, perhaps compromising customer data. While the company has not specified the exact nature or extent of the compromised information, it emphasized its commitment to protecting user data and swiftly addressing the vulnerability.
Following the incident, DoorDash deployed new enhancements to its security systems, implemented additional employee training focused on identifying and preventing such scams, and engaged an external firm to assist with the inquiry.
This incident underscores a growing trend of social engineering attacks targeting businesses,especially those in the middle market. A recent PYMNTS Intelligence report, ”Vendors and Vulnerabilities: The Cyberattack Squeeze on Mid-Market Firms,” found that 87% of mid-market firms express concern over social engineering attacks aimed at payments systems. Further, “The State of Fraud and Financial Crime in the U.S. 2024: What FIs Need to Know” revealed a 56% increase in social engineering fraud in the previous year.
These scams exploit human psychology, relying on trust and “customer-centric” tactics to circumvent security protocols. The threat is further amplified by advancements in artificial intelligence (AI).PYMNTS reported in October that AI is enabling hackers to create faster,cheaper,and more convincing scams,including AI-generated voices indistinguishable from genuine ones.
