Twilio-Linked Phishing Campaign Also Targets DoorDash
Food delivery firm DoorDash says its customer and employees’ data was compromised by the recent phishing attack on its third-party service provider.
DoorDash says it experienced “unusual and suspicious activity” on its third-party vendor’s computer network that was a victim of a sophisticated phishing campaign.
“We swiftly disabled the vendor’s access to our system and contained the incident,” the company says. “The phishing campaign did not compromise sensitive information and we have no reason to believe that affected personal information has been misused for fraud or identity theft at this time.”
The unauthorized attacker used the stolen credentials of a vendor employee to gain access to some of their internal tools that had access to DoorDash’s employees and customer data.
The compromised data included name, email address, delivery address and phone number for consumers and a small set of consumers’ basic order information and partial payment card information including the card type and last four digits of the card number were also accessed.
However, for employees of DoorDash, the compromised information includes name and phone number or email address. However, the company says no passwords, full payment card numbers, bank account numbers, or Social Security or Social Insurance numbers were compromised in the attack.
“We have also shared security alerts with other third-party vendors detailing the specific tactics used and reminded employees and third-party vendors to be on alert for any suspicious activity,” the company says.
The company in its notification says that it is working with an unnamed cybersecurity firm to assist with their ongoing investigation and is notifying affected individuals whose information DoorDash maintains and relevant data protection authorities.
DoorDash’s spokesperson Justin Crowley confirmed that the vendor breach is linked to the phishing attack on the customer engagement platform Twilio on Aug. 4.
“We can confirm the incident is connected to a wider phishing campaign that has targeted several other companies. The advanced tactics used in this incident are identical to the tactics used against several other companies,” Crowley says.
This ongoing phishing campaign codenamed 0ktapus has stolen nearly 10,000 credentials at 130 organizations, including Twilio and email service provider Mailchimp.
With thanks to the Cyber Defence Alliance and Bank Info Security. The full story is here: https://www.bankinfosecurity.com/twilio-linked-phishing-campaign-also-targets-doordash-a-19923
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customize the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organization compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW