DoorDash Announces Data Breach Affecting 4.9 Million People

By Ilene Eng

SAN FRANCISCO—Nearly 5 million people in San Francisco have had their personal data breached, food delivery company DoorDash said.

DoorDash, which is headquartered in San Francisco, announced Thursday a data breach affecting 4.9 million people.

The company says they found unusual activity with a third-party service provider earlier this month, and did some investigation. They found that some user data was accessed on May 4 this year.

Those affected are consumers, delivery drivers, and merchants who joined the platform on or before April 5, 2018. They said those who joined after that date are not affected.

Information accessed included names, emails, and addresses. For some, the last four digits of credit card information and bank accounts were accessed, but the company emphasized that full numbers were not accessed and that the data is not enough to make fraudulent charges or withdrawals.

In addition, about 100,000 delivery drivers’ licenses were accessed.

The company’s spokesperson referred NTD to their website’s FAQ page when we reached out with questions.

The service company says it has added security to its data, and asks that those affected change their passwords.