Screenshot
Doordash has announced a data breach that exposed the data of some of its customers, Dashers, and merchants. The exposed data included customers’ names, email addresses, physical addresses, and phone numbers.
Doordash assures its customers that no Social Security numbers, driver’s license information, bank or payment card information, or other sensitive personal or financial information was accessed by the bad actors.
Our team recently identified and shut down a cybersecurity incident that involved an unauthorized third party gaining access to and taking certain user information.
Importantly, no sensitive information was accessed by the unauthorized third party and we have no indication the data has been misused for fraud or identity theft at this time.
The food delivery service says that it has responded to the breach by put a number of security safeguards in place, and that it has reported the attack to law enforcement officials. The measures included bringing in a third-party firm to assist in the investigation and to provided specialized support.
The breach was apparently caused by hackers targeting a Doordash employee in a social engineering scam. The company says it has not launched additional training for employees that is designed to make them more aware of these types of schemes.
The delivery company says once the incident was discovered, it immediately shut down the unauthorized party’s access to its systems. An investigation was launched, and law enforcement was also contacted.
If you’re concerned that your data may have been included in the data breach. There are two toll free phone numbers that can be used to contact a dedicated response call center: +1-833-918-8030 (toll-free) for US and Canada and +1-214-393-3293 for international callers. Operators are available Monday to Friday, 6am-8pm PST, and weekends, 8am-5pm PST. Operators are available in English and French. Use reference code B155060 when calling.
We’ve seen numerous other data breaches over the last few years, as bad actors increasingly seek to steal the data of companies like Doordash. Only time will tell just how damaging this most recent breach turns out to be.
Doordash customers are urged to stay alert for possible phishing attacks related to the breach. You should never click on a link in a text message or email, unless you have specifically requested such a message. Always log into the company’s website by either manually typing in the URL or by clicking a previously saved link.