One important detail from this week's admission from Doordash that they'd suffered (and remained silent about) a breach of 4.9 million records: Doordash, by its nature, includes the home addresses of people who otherwise avoid disclosing where they live.
People at risk from doxing, swatting, stalking, and other forms of privacy invasion take great pains to keep their home addresses secret, such as renting private mailboxes and having all correspondence and deliveries sent to those addresses. Some people even register anonymous Nevada or Delaware LLCs and buy their houses through those companies, just to keep their names out of title registries.
However, there are some services that need to associate your name with your home address. It's hard to send your kid to a public school without allowing the school district to store your home address associated with your name (and school districts regularly suffer breaches). Credit bureaux are likewise impossible to keep your home address away from (o hai, Equifax).
Then there's Doordash. No one gets dinner delivered to a Mailboxes, Etc and picks it up from there. Doordash's breach blows up the physsec and opsec for a nation of at-risk people. Doordash isn't just a run-of-the-mill breach: it's a catastrophe for some of the most vulnerable people in America.
Here's a pro-tip: you can set up a Google Alert for your name and home address, which will notify you any time a data-broker puts that information up for sale on the public markets (of course, if Google Alerts is ever breached, you're screwed).
Users who joined the platform before April 5, 2018 had their name, email and delivery addresses, order history, phone numbers and hashed and salted passwords stolen.
DoorDash confirms data breach affected 4.9 million customers, workers and merchants [Zach Whittaker/Doordash]
(Image: U.S. Army Materiel Command, CC BY, modified)
Yesterday Bytedance, the company that acquired the tween-centric app Musica.ly and relaunched it as Tiktok, was been sued by a parents' group for violating the Children's Online Privacy Protection Act by gathering, storing, and selling private information about their children. Today, they settled the case on terms that have not been disclosed.
Reps Anna Eshoo [D-CA] and Zoe Lofgren [D-CA] have introduced HR 4978, the "Online Privacy Act," which is a comprehensive set of federal rules for privacy, interoperability, and protection from algorithmic discrimination and manipulation.
Chrome’s incognito mode is useful if you don’t want your browsing history saved to your account, don’t want websites to access your cookies, or if you want to troubleshoot your browser. But it doesn’t do much to protect your privacy. Your ISP can see what websites you visit, and services like Twitter can figure out […]
When the SNES launched back in the early 1990s, it changed gaming forever. One of the innovations was a gamepad with four action buttons — something that has remained a constant on controllers ever since. The 8BitDo SN30 Bluetooth Gamepad brings that iconic design up to date, with Bluetooth connectivity and support for multiple platforms. […]
After a long day at work, cooking a meal from scratch can seem like too much trouble. Unfortunately, the alternative is usually something unhealthy. Enter the Mellow Sous Vide Precision Cooker. This compact water bath uses cutting-edge technology to cook meat and veggies at the perfect temperature for exactly the right amount of time. It […]
In the course of any day, we encounter many different audio environments. If you are wearing earbuds, the ambient noise level can affect your listening experience. The HUB wireless earbuds adapt to different surroundings using smart noise-cancellation technology. They can either block out distractions or enhance conversations. They are normally priced at $250, but you […]