Security News > 2022 > August > DoorDash discloses new data breach tied to Twilio hackers
Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio.
DoorDash previously suffered a data breach in 2019 that exposed the data of nearly 5 million customers.
Using this access, the threat actors could access the data of 163 Twilio customers and use that data in further supply-chain attacks.
"To date, our investigation has identified 163 Twilio customers - out of a total customer base of over 270,000 - whose data was accessed without authorization for a limited period of time, and we have notified all of them," explains an updated Twilio security advisory.
The fallout from this attack is just being realized, with Twilio disclosing this week that the hackers were also able to access 93 Authy 2FA accounts as part of the breach.
8/26/22 update: Story updated to clarify that the DoorDash breach was conducted by the same hackers as Twilio but not through Twilio.
News URL
Related news
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- French unemployment agency data breach impacts 43 million people (source)
- 43 million workers potentially affected in France Travail data breach (source)
- Fujitsu found malware on several systems, confirms data breach (source)
- Fujitsu found malware on IT systems, confirms data breach (source)
- Fujitsu finds malware on company systems, investigates possible data breach (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- Finland confirms APT31 hackers behind 2021 parliament breach (source)