Doordash data breach affected 4.9 million customers, drivers and merchants – CNET

Doordash has suffered a breach. 

SOPA Images/Getty Images

Doordash confirmed a data breach that has impacted 4.9 million users in a blog post on Thursday. The breach, reported earlier by TechCrunch, included information like names, email addresses, delivery addresses, order history, phone numbers, passwords. The last four digits of some consumers' credit cards and bank account numbers was also accessed, but Doordash said the exposed information isn't enough to make a fraudulent purchase.  

Doordash data breach affected 4.9 million customers, drivers and merchants     - CNET

Now playing: Watch this: What to do if your personal information is part of a...

2:42

The company also said about 100,000 Dashers, or drivers, had their driver's license numbers accessed.

The food delivery company said it became aware of suspicious activity with a third-party service provider earlier this month. After an investigation, Doordash said it discovered another breach occurred in early May. Doordash said that users who joined after April 5, 2018 weren't affected. 

"We immediately launched an investigation and outside security experts were engaged to assess what occurred.," Mattie Magdovitz, the company's senior communications manager said in an email. 

Doordash said it blocked the unauthorized user's access, added additional protective security layers around the data, improved security protocols that govern access to systems, and brought in outside expertise.

The company said it doesn't believe that passwords were compromised but encourages users to change them just in case. 

The company said its investigation is ongoing. Doordash is the latest to suffer a data breach after MoviePass and Capital One earlier this year. 

Originally published Sept. 26 at 1:54 p.m. PT.
Update, at 2:06 p.m. PT: Adds comments from Doordash. 

You may also like...