DoorDash breach reportedly hits millions

A third-party service stole information from approximately 4.9 million DoorDash customers, delivery workers and vendors, the food delivery service confirmed Thursday in a blog post.

"We took immediate steps to block further access by the unauthorized third party and to enhance security across our platform," the blog reads. "We are reaching out directly to affected users."

The blog post says the data breach happened on May 4.

The information stolen included:

  • Names
  • Email addresses
  • Delivery addresses
  • Order history
  • Phone numbers
  • Hashed, salted passwords (which is a form of rendering the actual password indecipherable to third parties)

Drivers also had their license information stolen.

"We deeply regret the frustration and inconvenience that this may cause you."

- DoorDash's blog entry

DoorDash said some of their customers had the last four digits of their payment cards stolen as well as, possibly, the last four digits of their bank account information. However, the company assures customers the full account information was not stolen.

Reportedly, customers who joined the delivery service after April 5 were not affected.

CLICK TO READ MORE ON FOX BUSINESS

DoorDash claims they did not become aware of the breach until earlier in September.

Load more..