Jump to content
Sign in to follow this  

DoorDash Breach Exposes 4.9 Million Users

Recommended Posts

DoorDash Breach Exposes 4.9 Million Users


DoorDash—the popular on-demand food-delivery service—today confirmed a massive data breach that affects almost 5 million people using its platform, including its customers, delivery workers, and merchants as well.

Do you use DoorDash frequently to order your food online?

If yes, change your passwords for DoorDash account and any other online account where you use the same credentials. Do it even if you are not affected—to be on the safer side.

Though the financial information accessed by the hackers are not enough for making fraudulent withdrawals from bank accounts, it is always a good idea to be vigilant and keep a close eye on your bank and payment card statements for any unusual activity and report to the bank, if find any.

You should also mainly be suspicious of phishing emails, which are usually the next step of cyber criminals after a breach in an attempt to trick users into giving up further details like passwords and bank information.

DoorDash is a San Francisco-based on-demand food delivery service (just like Zomato and Swiggy in India) that connects people with their local restaurants and get delivered food on their doorsteps with the help of contracted drivers, also known as "Dashers."

The service operates in more than 4,000 cities across the United States and Canada.

In a blog post published today, DoorDash said the company became aware of a security intrusion earlier this month after it noticed some "unusual activity" from a third-party service provider.

Immediately after detecting the security intrusion, the company launched an investigation and found that an unauthorized third party managed to gain access to DoorDash personal data and in some cases financial data of its users on 4th May 2019.

Yes, you read that right. The data breach happened on 4th May, but it took the company more than four months to discover the security incident.

Based on the company's statement, it appears that the systems for food delivery service itself don't have any potential weakness that may have exposed its users' data in the first place; instead, the incident involves a third-party service provider.

  • Like 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this