Top 5 startups data breaches in 2019
Every day, we read about a hack that happened on the news.In the startup environment, attacks are more frequent, this is because growth is one of the key metrics of success, either growing revenues, growing users or growing transactions. With growth mentality, features are shipped quickly without proper testing or without embedding the security aspect .
In this article, we are listing 5 of the largest data breaches that happened in 2019 for startups.
1. Canva Data Breach – 139 Million Records:
One liner: Canva is a graphic design platform that allows users to create social media graphics, presentations, posters and other visual content. Canva is used by many startups in different industries.
Valuation, Fund & Investors: The australian company valued at $3.2 billion with a total of 100 Million of vc investment to date from 500 startups,
What happened?: 139 Million Records of personal information includes real names, usernames, email addresses, city and country information was leaked.Canva mentioned that the hacker has gained access to their servers for at least 7 months. You can read the full announcement about the security incident from canva website here
What should you do?: if you used Canva during that time, make sure to change your password.
2. DoorDash Data Breach– 4.9 Million Records:
One liner: DoorDash is an on-demand prepared food delivery service founded in 2013. DoorDash is a Y Combinator–backed company, DoorDash is one of several technology companies that uses logistics services to offer food delivery from restaurants on-demand.
Valuation, Fund & Investors: The Us- company valued at nearly $13 billion with a latest round of $600 million of VC investments.
What happened?: 4.9 Million users, delivery workers, and restaurants were leaked. The data includes user’s profile information, including names, email addresses, delivery addresses, order history and phone numbers. DoorDash mentioned that a third party has gained unauthorized access to their servers. You can read the full announcement about the security incident from DoorDash blog post here
What should you do?: if you used DoorDash during that time, make sure to change your password.
3- Houzz Data Breach:
One liner: Houzz is a website and online community about architecture, interior design and decorating, landscape design and home improvement. You can use Houzz to order furniture from your mobile using the pictures that are posted from suppliers.
Valuation, Fund & Investors: The Us- company valued at nearly $4 billion with a latest round of $400 million of VC investments.
What happened?: unknown number of users was hacked. However, some unofficial resources mentioned it was about 49 million users. Houzz mentioned that a file that has users personal details and passwords has been obtained by an unauthorized party. You can read the full announcement about the security incident from Houzz website here
What should you do?: if you used Houzz during that time, make sure to change your password.
4- EatStreet Data Breach - 6 Million Users:
One liner: EatStreet is an American online food ordering service that acts as a centralized marketplace, where diners can order delivery and takeout from restaurants in their area.
Valuation, Fund & Investors: The Us- company has a total fund of nearly $45 Million.
What happened?: Nearly 6 Million users data was stolen this includes information of the users names, phone numbers, email addresses, bank accounts, and routing numbers for restaurants and delivery services. Also, data about the third-party delivery services company that EatStreet partnered with.There is also a possibility that the hacker had access to credit card numbers, expiration dates, card verification codes and billing addresses. Eatstreet mentioned that an authorized third party gained access to their database who were able to acquire critical informa including users personal details, bank account and routing information. EatStreet sent mails to its users, partners and restaurants which can you read them from here
What should you do?: if you used EatStreet during that time, make sure to change your password.
5- WyzAnt Data Breach:
One liner: Wyzant is an online services marketplace in educational technology for matching tutors with students
Valuation, Fund & Investors: The company had raised a total funding of $21.5 million from prestigious investors like Accel Partners,
What happened?: unknown number of users were hacked. personal information was leaked including names, usernames, email addresses, zip code and facebook profile pictures, for users who login with their facebook profile. The company sent an announcement to its users to inform them about the security incident that you can read about here.
What should you do?: if you used WyzAnt during that time, make sure to change your password.
While the data breaches mentioned above are startup focused, 2019 witnessed attacks on other larger companies too like Facebook, Instagram, Capital One, Adobe, Marriott Hotel, Dubsmash, Armor Games and many others.If you would like to know if your information has been hacked in those attacks or others, you can check Have I Been Pwned? Website. This website helps users to know if they became a victim if their accounts were compromised.It is important to periodically check the updates of website breaches to know if your account has been hacked. Also make sure to apply the best practices for password protection.You can read the article Your password got hacked ? Top 7 ways to protect it to give you a brief about that.