DoorDash data breach leaves important customer details exposed

A sophisticated phishing attack has left customers' personal information and partial payment information exposed to hackers.

August 29, 2022 by Chance Townsend, Mashable

Food delivery giant DoorDash has confirmed a data breach that has left customers’ personal information exposed to hackers, the company announced in a statement Wednesday.

DoorDash stated that an “undisclosed number of customers had their names, email addresses, delivery addresses, phone numbers, and partial payment card numbers” stolen. For drivers with the company, hackers were able to access names, phone numbers, and email address information.

In its statement, DoorDash explained that the breach was the result of a third-party vendor that was hacked through a sophisticated phishing campaign. Employees of the vendor had credentials that were stolen that were then used to access DoorDash’s internal tools. The company said it cut off the third-party vendor’s access to its systems after discovering “unusual and suspicious” activity.

DoorDash did not state any timeline of discovery of the breach. A spokesperson with DoorDash told TechCrunch that the company took time to “fully investigate what happened, which users were impacted and how they were impacted” before disclosing the data breach.”

DoorDash data breach leaves important customer details exposed

A sophisticated phishing attack has left customers' personal information and partial payment information exposed to hackers.

Featured

Leadership is lonely—but you are not alone

Strategic planning vs. strategic thinking

Credit unions can play a role in preventing ‘supply chain’ cyber attacks

Order ahead, stay ahead: Exceeding member expectations

Stay connected to the credit union community with our free newsletter!

You have Successfully Subscribed!