DoorDash discloses breach exposing user contact data
DoorDash has acknowledged a security incident involving unauthorized access to user information through a social engineering attack that manipulated an employee into providing system credentials. The breach compromised contact details and residential addresses for an unspecified number of customers, delivery drivers, and business partners, though the company declined to quantify affected individuals when questioned.
The platform operator stated that financial records, government identification numbers, and payment credentials remained secure during the intrusion. Officials terminated hacker access upon detection and alerted law enforcement while conducting an internal review.
This marks another cybersecurity challenge for the delivery service, which experienced a separate incident affecting approximately five million accounts several years earlier. The company has begun notifying impacted users, but has not disclosed whether protective measures such as credit monitoring will be provided to those whose personal information was exposed.
