Your Web News in One Place

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
September 27, 2019 04:34 pm PDT

Doordash's breach is different

One important detail from this week's admission from Doordash that they'd suffered (and remained silent about) a breach of 4.9 million records: Doordash, by its nature, includes the home addresses of people who otherwise avoid disclosing where they live.

People at risk from doxing, swatting, stalking, and other forms of privacy invasion take great pains to keep their home addresses secret, such as renting private mailboxes and having all correspondence and deliveries sent to those addresses. Some people even register anonymous Nevada or Delaware LLCs and buy their houses through those companies, just to keep their names out of title registries.

However, there are some services that need to associate your name with your home address. It's hard to send your kid to a public school without allowing the school district to store your home address associated with your name (and school districts regularly suffer breaches). Credit bureaux are likewise impossible to keep your home address away from (o hai, Equifax).

Then there's Doordash. No one gets dinner delivered to a Mailboxes, Etc and picks it up from there. Doordash's breach blows up the physsec and opsec for a nation of at-risk people. Doordash isn't just a run-of-the-mill breach: it's a catastrophe for some of the most vulnerable people in America.

Here's a pro-tip: you can set up a Google Alert for your name and home address, which will notify you any time a data-broker puts that information up for sale on the public markets (of course, if Google Alerts is ever breached, you're screwed). Read the rest


Original Link: http://feeds.boingboing.net/~r/boingboing/iBag/~3/Sv2gkDXQngA/swatters-paradise.html

Share this article:    Share on Facebook
View Full Article