DoorDash confirms the rumors of data breach affecting 4.9 million customers. The Food delivery company said in a blog that delivery workers and merchants had their information stolen by hackers.
In September, DoorDash said noticed the unusual activity from third party service provider. On investigating, they found an unauthorized third party was able to access DoorDash user data on 4 may, 2019, added that customers who joined after April 5, 2018 are not affected. DoorDash said they have notified the customers who are affected by this. The breach involved data such as names, email, addresses, order history, phone numbers and encrypted version of passwords. Also in some cases, last four digits of payment cards and bank accounts numbers were accessed. Adding further they said full payment cards, and bank account information were not compromised. Numbering total 100,000 delivery peoples driver’s license number were also accessed. DoorDash stated, they took immediate steps to block the further access and improve security. In response to breach, DoorDash added more security layers to protect people’s data and improved security protocols required to gain access to this data.
DoorDash has instructed their users to change their passwords, if they were not affected but concerned about their security.