Running head: DELOITTE CONSUMER REVIEW - DOORDASH1 Deloitte Consumer Review - DoorDash Johnna Hockensmith Colorado State University Global ACT: 465 Derrick Esplin, CPA, CMA October 15, 2023
2 DELOITTE CONSUMER REVIEW - DOORDASH Deloitte Consumer Review - DoorDash Cybercrime has been an increasingly popular activity amongst criminals who have the means and capabilities to use or target computer networks or networked devices to steal from, corrupt, sabotage, or hold ransom their perspective victims. It has become imperative that business' stay on top of their internal controls to safeguard against the array of different cybercrime attacks that are being committed every day. The Federal Bureau of Investigation (2022) writes that the costs of cybercrime activity in the United States reached $6.9 billion in 2021. Cyber criminals can manipulate technology to gain access to sensitive data saved on cloud systems and computer networks that are exposed to a potential breach, such as cyber extortion where a hacker can hold the sensitive data for ransom and will release the data on the internet if the ransom is not paid. Businesses need to be wary of the possibilities of these cyber-attacks, criminals may come after commercial data, customer databases, payment details of customers, current financial assets, and personal and business identities. A business relies on its consumer base in order to generate the revenue needed to earn a profit and continue operations, thus it's important for a company to safeguard their customers and client's information so it does not fall into the hands of cybercriminals. DoorDash is a company that has fallen victim to a cyber attack where hackers accessed customer data, the data of their drivers and that of the restaurants partnered with DoorDash. Shared below is additional information and research on this breach along with steps taken to prevent further breaches from occurring. The 2019 DoorDash breach Garcia (2019) writes that DoorDash confirmed a breach into their internal data systems occurred on May 4, 2019, which the hackers used to access the "names, email addresses, delivery addresses, order history, phone numbers and encrypted versions of passwords" of 4.9
3 DELOITTE CONSUMER REVIEW - DOORDASH million users around the globe. Also, compromised were the last four digits of bank account and credit card numbers, though DoorDash did confirm that it was only the last four digits, no full credit card or bank account number was accessed. Customers were not the only ones affected by this breach, the individuals working as delivery drivers also had their information accessed, such as the last four digits of the payment card and bank account information and over 100,000 driver's license numbers. This data breach also accessed information related to the restaurants DoorDash partners with the last four digits of bank information as well. Leonhardt (2019) writes that DoorDash confirmed that full bank account and credit card information was not compromised, and that not enough information was accessed to allow for fraudulent withdrawals. DoorDash also reports that this only affects those who partnered with or used DoorDash prior to April 5, 2018. Preventing Future Cyber-Breaches As stated, 4.9 million DoorDash users were affected by the 2019 breach, their names, email addresses, delivery addresses, order history, phone numbers and encrypted versions of passwords were accessed by hackers in hopes they would find data to exploit for their own personal gain. Consumers put a lot of trust in companies when storing personal and financial data on the company's network, and when a breach like this occurs, that trust can easily dwindle into nothing. So, this breach poses a threat to DoorDash and the company must take steps to ensure it does not happen again. Khandelwal (2019) writes that DoorDash took immediate action upon the discovery of the breach to restrict further unauthorized access by the hacker. Security experts were brought in to investigate and determine the magnitude of the breach. Next DoorDash implemented increased security protocols to help prevent another unauthorized access. The company also did the due diligence of reaching out to the users who were affected by this breach,
Why is this page out of focus?
Because this is a Premium document. Subscribe to unlock this document and more.
Uploaded by SargentGiraffeMaster889 on coursehero.com