Particle.news
Download on the App Store
7 ARTICLES
·
3h ago

DoorDash Confirms October Breach Exposed Contact Details for Customers, Dashers and Merchants

DoorDash says a social-engineering scam led to the breach with no payment or ID data exposed.

LOS ANGELES, CALIFORNIA - MAY 08: A view of general atmosphere at the Doordash booth at 'Night Market' presented by The Los Angeles Times on May 08, 2019 in Los Angeles, California. (Photo by Tibrina Hobson/Getty Images for Los Angeles Times Food Bowl)
Image

Overview

  • The company says names, email addresses, phone numbers and physical addresses were accessed for a subset of users across its marketplace.
  • DoorDash reports no evidence of fraud or identity theft tied to the incident and says Social Security numbers, government IDs and payment data were not accessed.
  • An employee was targeted in a social‑engineering attack; DoorDash cut off access, opened a forensic investigation with an external firm and notified law enforcement.
  • The total number of affected individuals remains unspecified, and DoorDash says it has notified impacted users and implemented new security training and system enhancements.
  • The roughly three‑week gap before public notification drew criticism and renewed scrutiny given prior incidents in 2019 and 2022, while DoorDash says Wolt and Deliveroo users were not affected.