Food Delivery Industry and Modern Challenges of Cyber Security
NEWS
By Pakurity on Mon May 24 2021
Since 1990s online shopping is growing and gaining its share among other sales channels from one year to another steadily. COVID pandemic hastened this process only. New circumstances compelled people to change their customer behavior. At the same time businesses looked for new ways not even to run a business but save them. The saving way is in online shopping. And when one door closes another one opens. It happened to food delivery service providers and food industry. Although food delivery service was first offered to customers in 1994 by Pizza Hut in the United States, the industry's significant growth only came after increasing marketing budgets and technology investments in the 2010s. According to data in the platform Statista [1], the market size of the global online food delivery services was expected to reach 111.32 bn. USD, but in fact hit 115 bn. USD [2], and the forecast is 126.91 bn. USD in 2021. So, food delivery apps/platforms will undoubtedly continue to play an enormous role in the restoration of the food industry and growth of food delivery services. And Statista [3] says that the number of users is expected to amount to 965.8 m users by 2024 in the Platform-to-Consumer Delivery segment, that is more than one in nine people will order food online.
And now we came to the point where technology is confronted with the challenges. Ordering online can mean making personal information, including payment details, vulnerable to hackers and third-party service providers. Besides, delivery personnel and companies' data are at risk too.
In May 2019 US based company DoorDash that operates in US and Canada market announced about the breach of nearly 5 million user records by an unauthorized third party [4]. The records included data of DoorDash merchants, its Dasher delivery personnel and end-user consumers.
In March 2020 hackers have launched a distributed denial-of-service (DDoS) attack on Germany-based food delivery service Takeaway.com that provides delivery services from more than 15,000 restaurants [5]. Attackers demanded around 11 thousand US Dollars in bitcoins. Denial-of-service attack (DoS attack) makes a machine or network resource unavailable to the users by temporarily or indefinitely disrupting services of a host connected to the Internet.
In October 2020 US company Chowbus, which operates in Australia, Canada and the United States and has several hundreds of thousands of customers, faced hacker’s attack. As a result customers’ data was stolen, and offenders emailed victims a link pointing to the stolen data. A total of 4,300 records was reportedly included in the CSV file for restaurants, while the file for users had 803,350 entries.
In May 2021 a group of hackers gained an access to the data of six million customers, as well as couriers and employees of the Glovo delivery service [6]. Leaked information contains names, phone numbers, passwords and payment system data. According to unconfirmed reports, it is being sold for 85,000 US Dollars on the darknet. Glovo provides its delivery services in some African countries and European ones, including Ukraine. Therefore, Ukrainian business can say that they faced cyber threats and their challenges too.
As specialists in cyber security, we see several ways to mitigate the risk of information leakage, including personally identifiable information (PII), in this service sector:
- maintaining zones of security to prevent threat migration
- protecting critical control points
- monitoring system implementation to detect incidents at early stages and accelerate efficiency of their handling
- implementation of personal data protection compliant with international standards such as GDPR, PCI-DSS
- conducting regular information security audits in general and mobile applications audits and/or tests in particular, as the most commonly used for ordering food delivery services.
These actions will diminish an extent of damage that incidents may cause, save reputation and probably business. In conclusion, we would like to emphasize a fact that cyber security threats are far beyond sci-fi movie industries already, that’s what we deal with daily. Hackers’ attacks damage countries’ infrastructures, bring inconveniences to home PC’s users and incur losses to businesses. For that reason, only a set of measures will enhance security considerably.
If you are focused on revenue and customer growth as much as on security of your customers’ data and your business model, then you are already at the right place. We can help you to handle your problems and mitigate the risks in the following way:
- a mobile application audit
- development of information security management system (ISMS) and data privacy.
Be at the head of your industry with our assistance! Contact us
[5] https://cisomag.eccouncil.org/attackers-launch-ddos-attack-on-food-delivery-startup-liefrando/