DoorDash Data Breach Hits 4.9 Million Customers, Drivers - NBC Chicago

DoorDash Data Breach Hits 4.9 Million Customers, Drivers

Personal Information Including addresses, phone numbers accessed



    Groupon Records a 3Q Loss
    Getty Images
    This Oct. 9, 2018, file photo shows an insulated delivery bag with the logo for food delivery app Doordash, in the front seat of a Doordash delivery vehicle in Walnut Creek, California.

    DoorDash is delivering bad news to millions of its customers and drivers: their data may have been accessed by hackers.

    In a blog post made Thursday on its website, San Francisco-based DoorDash said an "unauthorized third party" gained access to data for about 4.9 million users earlier this year.

    "Earlier this month, we became aware of unusual activity involving a third-party service provider," DoorDash said. "We took immediate steps to block further access by the unauthorized third party and to enhance security across our platform. We are reaching out directly to affected users."

    DoorDash did not immediately respond to an email inquiry from NBC Bay Area on Thursday afternoon.

    What You Should Know About the Equifax Settlement

    [NATL] What You Should Know About the Equifax Settlement

    Nearly 150 million people could be affected by the largest-ever settlement for a data breach.

    (Published Monday, July 22, 2019)

    According to the post, only users who signed up for DoorDash on or before April 5, 2018 are impacted. Anyone who signed up later than that should not be affected, DoorDash said.

    DoorDash operates a popular food-delivery app, using an Uber-like model connecting drivers and cyclists with hungry customers. Car and bicycle owners can sign up to be delivery drivers, or "Dashers," and receive payment for picking food up at restaurants and bringing it to diners' doorsteps.

    The DoorDash post said hackers infiltrated its system on May 4, and accessed information including customer names, emails, addresses, phone numbers, and encrypted passwords. DoorDash said the passwords could not be deciphered, but it advised customers to change their passwords just in case.

    The company said hackers also accessed the last four digits of some payment cards and bank account numbers, but not full numbers or the three-digit CVV required to authorize payment. DoorDash said full account information was not exposed.

    Drivers are affected, too. DoorDash said about 100,000 of its Dashers' drivers license numbers were exposed.

    While the company reaches out to affected users, it has listed detailed information about the data breach in its blog post. Concerned customers and drivers can also call 855–646–4683 to learn more.

    More Than 100 Million Affected by Capital One Breach

    [NATL]More Than 100 Million Affected by Capital One Breach

    Capital One says a hacker got access to the personal information of over 100 million individuals applying for credit.

    (Published Monday, July 29, 2019)