Food Delivery Apps: A Feast for Hackers, a Famine for Security

Food delivery apps are becoming a prime target for hackers, according to a new report by online fraud detection company Sift. Their data shows a staggering one-in-five accounts (20%) have been hit with attempted breaches. This is significantly higher than the average of just 2.5% across all industries Sift monitors, highlighting a troubling vulnerability within the food delivery sector.

Experts point to the lack of two-factor authentication (2FA) as a major security gap. Sift found only 3.5% of logins on food delivery apps require this extra layer of protection, compared to the 10% average across all apps. This lax approach makes it easier for hackers to crack into accounts.

But why target food delivery apps specifically? The answer lies in the juicy rewards they offer. These accounts often contain valuable information like payment methods, loyalty points, and even order history. Additionally, many users only access these apps sporadically, making unauthorized activity less likely to be noticed.

Once a hacker gains control, the options are plentiful. They can use the account to place fraudulent orders, exploit loyalty programs, or even sell the access on the black market. Messaging apps and social media platforms are rife with channels advertising hacked accounts for various delivery services.

This isn't a new problem. Past breaches have seen hackers exploit Instacart accounts to steal gift card codes, while gig workers haven't been spared either. Drivers for Walmart's Spark delivery service have reported unauthorized access, with hackers using their accounts to shop and fulfill orders.

The industry is taking some steps to address these concerns. Walmart, for example, now requires Spark drivers to verify their identity with periodic selfies. However, such measures aren't foolproof and have sometimes malfunctioned, causing inconvenience for legitimate users.

The battle against food delivery app hacking is ongoing. Stronger security protocols, like mandatory 2FA, are crucial to protect user data and prevent a hacker's feast from turning into a customer's famine.


Related Articles

Next Story