DoorDash announced a data breach that impacts 4.9 million consumers, Dashers, and merchants who signed up with the platform on or before April 5, 2018.
The company has learned an unusual activity earlier this month, they have launched an investigation with assistance from external security researchers. The investigation determines an unauthorized third party to DoorDash user data on May 4, 2019.
The company has not provided any details about how the hackers gain access to the data stored and they confirmed that they have blocked the unauthorized user.
Exposed data includes names, email addresses, delivery addresses, order history, phone numbers, as well as hashed, salted passwords, last four digits of payment card details, last four digits of bank account numbers 100,000 Dashers driver license.
According to the report, not all the customers who joined before April 5, 2018, are affected. Also the companies no user joined after April 5, 2018, were affected.
“We took immediate steps to block further access by the unauthorized user and to enhance security across our platform.”
“We do not believe that user passwords have been compromised and the information accessed is not sufficient to make fraudulent charges on payment cards or fraudulent withdrawals from bank accounts.” DoorDash said.
The company started notifying affected users, if you are the one affected then it is recommended to reset their DoorDash password associated with the DoorDash account.
DoorDash is a San Francisco–based food delivery service found in 2013, the company delivers door-to-door delivery from restaurants on-demand.
Related Coverage
British Airways Facing £183.39 Million Fine Under GDPR for 2018 Data Breach
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
A new research report released today by Progressive International, Expose Accenture, and the Movement Research…
Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced Persistent…
The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as Golden…
Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed "RedisRaider," specifically targeting Linux…
Cybercriminals are leveraging the Python Package Index (PyPI) to distribute malicious tools designed to exploit…
Biotechnology giant Regeneron Pharmaceuticals has emerged as the successful bidder in the bankruptcy auction for…