DoorDash Data Breach Impacts 4.9M Users - Experts Comments

Experts Comments (20)

DoorDash has confirmed a data breach impacting 4.9 million users including customers, delivery workers (Dashers) and merchants. The food delivery company said that the breach happened on May 4 and that customers who joined after April 5, 2019 are not affected. It’s still unclear why it took several months for DoorDash to publicly address the incident.

  • Users who joined the platform before April 5, 2018 had their name, email and delivery addresses, order history, phone numbers and hashed and salted passwords stolen.
  • Consumers had the last four digits of their payment cards taken, though full numbers and card verification values (CVV) were not taken.
  • Both delivery workers and merchants had the last four digits of their bank account numbers stolen.
  • Around 100,000 delivery workers had their driver’s license information stolen.