DoorDash says 4.9 million users exposed in privacy breach

DoorDash says 4.9 million users exposed in privacy breach
© Getty

The food-delivery platform DoorDash revealed on Thursday that 4.9 million of its users, vendors and delivery workers were exposed in a data breach to an “unauthorized third party.”

The company said in a blog post on Thursday that the exposed information included sensitive financial data like partial credit card and bank account numbers but not enough to make fraudulent purchases.

DoorDash said that the exposed information could include names, order history, email addresses, delivery addresses and phone numbers.

It’s unclear who accessed the data, which only covered people who had joined the platform before April 5, 2018. The breach, which was first discovered earlier this month, occurred on May 4 of this year.

“We took immediate steps to block further access by the unauthorized third party and to enhance security across our platform,” the blog post reads. “We are reaching out directly to affected users.”

DoorDash said that no user passwords had been compromised but encouraged users to change their passwords if they had any concerns about their security.