Overview
- DoorDash began emailing affected users on November 13–14 about an October 25 incident and provided a hotline at 1-833-918-8030 with reference code B155060.
- The company says exposed data was limited to contact information such as names, physical addresses, phone numbers, and email addresses.
- DoorDash reports it cut off the unauthorized access, engaged a cybersecurity forensic firm, and referred the matter to law enforcement.
- A mix of consumers, Dashers, and merchants were impacted, though the company has not disclosed how many people were affected or the full geographic scope.
- This marks DoorDash’s third breach since 2019 and has drawn criticism over an apparent 19-day delay in notifications and concerns about the phrasing of its disclosure.