DoorDash Data Breach: Hackers Steal Data Of 4.9 Million Customers, Staff
Food delivery company DoorDash has confirmed that it suffered a data breach and hackers stole information on 4.9 million customers, delivery workers, and merchants.
The breach reportedly happened on May 4. However, the food delivery company noted that the data of customers who joined after April 5, 2018, was safe and the breach did not hit them.
DoorDash spokesperson Mattie Magdovitz blamed a “third-party service provider” for the breach without mentioning the third-party.
The spokesperson also added that investigation has been launched and external security experts have been approached to ascertain the scale of data break.
Detailed customer data
According to DoorDash, hackers took away user information that covered name, email, delivery addresses, order history, phone numbers, and salted passwords.
The company said although the last four digits of customer payment cards and credit cards had been lifted, the full numbers and card verification values (CVV) were not taken.
But the last four digits belonging to the bank account numbers of delivery workers and merchants were stolen. Driver- license information of 100,000 delivery workers was also gone.
DoorDash based in San Francisco was founded in 2013 by a few Stanford students and had rapid growth. It provides logistics services to deliver food to end customers at their places by procuring from restaurants on-demand.
DoorDash is now present in more than 600 cities across North America.
Among DoorDash’s competitors, most formidable has been Seamless. The online food ordering service now merged with Grubhub and operates under the brand name Grubhub.
Users urged to reset passwords
Doordash app continues to be popular among foodies going by the download rate at the Play Store app. For youth, the DoorDash driver position has been lucrative just as Grubhub driver jobs as opportunities to raise side income.
The flexibility in terms of time and delivery locations by driving or biking made Dash driver positions more appealing, unlike seasonal gigs. The delivery is further monitored by the DoorDash customer service number.
Meanwhile, DoorDash update sought to reassure customers and said it has taken additional steps to secure customer data and added more protective security layers, and improved security protocols.
DoorDash urged all users to reset their passwords in the wake of the data hacking.
Last year some DoorDash customers complained that their accounts had been hacked. But the company denied any data breach and said it could be credential stuffing attacks, in which hackers use lists of stolen usernames and passwords to try on sites where the same passwords are used.
© Copyright IBTimes 2024. All rights reserved.