DoorDash Data Breach : 4,9 millions data affected
Founded in 2013 and based in San Francisco (USA), DoorDash is an american food delivery company. On September 26th, the company revealed that approximately 5 million data (related to customers, delivery workers and restaurants) are affected by a data breach.
In a blog post, DoorDash deals with an « unauthorized third party accessed some DoorDash user data on May 4, 2019 ». After this discovery, the company took immediately measures to block access by the unauthorized third party and to enhance the security on their platform.
But which data was accessed ?
The third party had access to profil informations, including : names, email addresses, delivery addresses, phone numbers, order history, passwords.
For some customers, the last four numbers of payment cards. For some restaurants and delivery workers, the last four numbers of their bank account number. Approximately for 100.000 delivery workers, their driving licence number were also accessed.
Who was affected by this data breach ?
The data breach concerned approximately 4,9 million customers, delivery workers and restaurants who joined the DoorDash platform on or before April 5th, 2018. Users who joined the platform after this date, were not affected. However, DoorDash recommends that unaffected users must change theirs passwords for more security.
After this event, DoorDash is in big competition with GrubHub and Uber Eats. The company will must to regain people’s trust.