(Credit: Cheng Xin/Getty Images)
DoorDash has confirmed that a recent data breach allowed an unauthorized third party to access the personal information of some of its users.
A DoorDash employee was targeted in a social engineering scam, the company says. The attack was identified by an internal team on Oct. 25, after which the unauthorized access was shut down and law enforcement agencies were notified.
Impacted customers should receive notifications via email. The exact number of people affected or the kind of information exposed is unclear, but it may include first and last names, phone numbers, email addresses, and physical addresses of users, DoorDash says.
One bit of positive news for customers here is that no highly sensitive information, such as Social Security numbers, government IDs, driver’s licenses, banking or card details was stolen. Additionally, DoorDash says that as of last week, none of the hacked data has been used for fraud or identity theft. Still, it's a good idea to be on alert for any suspicious emails or texts that ask you to click links or enter personal details.
For more information about the incident, customers in the US and Canada can call 1-833-918-8030 (toll-free), while international customers can dial +1-214-393-3293. The lines are open 6 a.m. to 8 p.m. PST Monday-Friday and 8 a.m. to 5 p.m. PST on weekends, though customers must use “B155060” as a reference code while calling.
DoorDash says it has enhanced its security systems and provided additional training for employees. It suffered a similar breach in 2019 that affected about 4.9 million users, including delivery drivers.