Food delivery company DoorDash is notifying users, Dashers, and merchants of a recent data breach that led to personal information compromise.
The incident was discovered on October 25, the company says in the notifications sent to the impacted individuals, copies of which have been shared on social media.
The data breach was the result of a social engineering attack that targeted one of DoorDash’s employees, the company said in an incident notice on its website.
“The response team identified the incident, shut down the unauthorized party’s access, started an investigation, and referred the matter to law enforcement,” DoorDash says.
The attackers stole user information such as names, addresses, email addresses, and phone numbers. The compromised data pertains to customers, Dashers, and merchants, the company said.
“No sensitive information, such as Social Security numbers or other government-issued identification numbers, driver’s license information, or bank or payment card information, was accessed,” DoorDash says.
More Info