The popular new delivery service known as DoorDash has released a blog post stating that 4.9 million users are directly affected after the discovery of a recent data breach.
“Earlier this month, we became aware of unusual activity involving a third-party service provider. We immediately launched an investigation and outside security experts were engaged to assess what occurred,” stated the company on their website.
Not every user was affected. Approximately 4.9 million consumers, Dashers, and merchants who joined our platform on or before April 5, 2018, are affected. Users who joined after April 5, 2018 are not affected.
“We have taken a number of additional steps to further secure your data, which include adding additional protective security layers around the data, improving security protocols that govern access to our systems, and bringing in outside expertise to increase our ability to identify and repel threats,” they said on steps taken to further secure customers information.
The type of user data accessed could include:
- Profile information including names, email addresses, delivery addresses, order history, phone numbers, as well as hashed, salted passwords — a form of rendering the actual password indecipherable to third parties.
- For some consumers, the last four digits of consumer payment cards. However, full credit card information such as full payment card numbers or a CVV was not accessed. The information accessed is not sufficient to make fraudulent charges on your payment card.
- For some Dashers and merchants, the last four digits of their bank account number. However, full bank account information was not accessed. The information accessed is not sufficient to make fraudulent withdrawals from your bank account.
- For approximately 100,000 Dashers, their driver’s license numbers were also accessed.
The data may have also included profile information such as names, emails, delivery addresses, phone numbers, as well as the driver’s license numbers of nearly 100,000 delivery executives.
“We are reaching out directly to affected users,” said DoorDash, “We deeply regret the frustration and inconvenience that this may cause you. Every member of the DoorDash community is important to us, and we want to assure you that we value your security and privacy.”
For further information on how to contact the company and get further details on the matter if you think you have been affected click here.