DoorDash Announces Privacy Breach, Urges Customers To Change Passwords

LOS ANGELES (CBSLA) — A privacy breach involving millions of DoorDash customers may have compromised user data including names, phone numbers and even partial credit card numbers, the company announced Thursday.

Emails sent to affected DoorDash users revealed an "unauthorized third party" accessed the mobile delivery company's user data back on May 4. The company said approximately 4.9 million customers, drivers and merchants who joined the app on or before April 5, 2018, were affected.

According to the email, profile information including names, email addresses, delivery addresses, order history, phone numbers, "hashed" passwords, and for some users, the last four digits of consumer payment cards.

Doordash added that full credit card information was not accessed, meaning the data "is not sufficient to make fraudulent charges on your payment card."

The company says it immediately blocked the unauthorized user and are working to improve security protocols.

In the meantime, users were encouraged to change their account passwords.

"We do not believe that user passwords have been compromised, but out of an abundance of caution, we are encouraging all of those affected to reset their passwords to one that is unique to DoorDash," the company said in a statement.

Users can get more info on the DoorDash site or via a dedicated call center available 24 hours a day at (855) 646-4683.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.