DoorDash Reports A Security Breach Affected 4.9 Million Users

On September 26, the US food delivery service DoorDash reported that 4.9 million of its users were attacked by a security breach. As revealed by the company, an authorized third-party illegally accessed its users’ information including merchants, delivery drivers on May 04, 2019. All of these victims became members of DoorDash before and on April 05, 2018.

The targeted information included names, phone numbers, email addresses, order histories, physical addresses (that were used for delivery), and passwords. DoorDash, in fact, used hashing and salting techniques to encrypt all of the data. It has now advised its users to change their passwords, although the company doesn’t believe that hackers read any passwords on its platform.

According to the San Francisco-headquartered company, this security breach also aimed at the last 04 digits of its consumers’ payment cards. Luckily, it couldn’t get the entire payment information, for instance, CVV security codes or the whole card numbers. However, the worst part hailed from the fact that about 100,000 drivers of DoorDash had their full license numbers were revealed.

The company, right after that, has protected users’ private data by adding many new security layers. Also, it has upgraded the existing security protocols which allow users to access the system.

DoorDash is contacting the victims of this security breach; however, it hasn’t yet offered any other specific detail on what its affected users need to do at this moment.