Podcast Episode Details
Back to Podcast Episodes
DoorDash Data Breach, Voice Assistant Privacy Changes, Limiting Ad Tracking
You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technology…with your host, Tom Eston.
In episode 88 for September 30th 2019: DoorDash announces a data breach affecting 4.9 million people, recent voice assistant privacy changes, and ways that you can limit ad tracking on your mobile device.
Are you a frequent traveler that wants a high-quality, fashionable backpack that keeps your digital privacy in mind? Then you need to check out Silent Pocket’s new Faraday Bag Waterproof Backpack. Check it out at silentpocket.com as well as their other products built to protect your privacy. Don’t forget, as a listener of this podcast you receive 15% off your order at checkout using discount code “sharedsecurity”.
Welcome to the Shared Security Weekly Blaze Podcast where we update you on this week’s most important cybersecurity and privacy news. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
Popular food delivery company DoorDash said in a blog post late last week that 4.9 million customers, delivery workers, and merchants had their information stolen through a third-party service provider who was not named. Data stolen included name, email and delivery address, order history, phone numbers, last four digits of their credit card or bank account, and hashed (and salted) passwords. Users who joined the service prior to April 5th 2018 were affected by this breach and to add insult to injury about 100,000 delivery works also had their driver’s license information stolen as well. And if that wasn’t enough, this news ironically comes almost a year after many DoorDash users complained that their accounts were hacked. At the time, DoorDash denied that there was a breach and blamed it on credential stuffing attacks, where attackers use user names and passwords previously exposed through known data breaches, then use those credentials on other sites like DoorDash. This is basically a way to pass blame to the user for selecting poor passwords. I think DoorDash has a little bit of explaining to do as we now add this latest breach to the long list or breaches that we’ve had just this year alone. If you happen to be a DoorDash customer check out our show notes to a link to the official news release about the breach for more information.
Several weeks ago on the podcast I talked about how Apple was changing the way that contractors were analyzing recordings from Siri as part of their “grading” program due to privacy concerns around sensitive and private conversations that were recorded. You may recall that this was also a huge problem for Amazon and Google’s voice assistants as well. Well this past week, Google announced significant changes to how their product, the Google Assistant, handles voice recordings. First, Google says that your audio data is not stored by default and that if you do want it stored, so that it can be used to help improve the Google Assistant, than you can opt-in to this feature. Second, Google has updated their audio settings to highlight that when you choose to opt-in you can choose to opt-out and for existing users that have chosen this already, a chance to review and change the setting if you would prefer. Third, Google said that recordings are never linked to a particular user and that only .2% of all audio recordings are ever analyzed by someone. Lastly, the Google Assistant will automatically delet
Published on 6 years, 3 months ago