DoorDash - We take the security of our community very seriously. Earlier this month, we became aware of unusual activity involving a third-party service provider. We immediately launched an investigation and outside security experts were engaged to assess what occurred. We were subsequently able to determine that an unauthorized third party accessed some DoorDash user data on May 4, 2019.
Not every user was affected. Approximately 4.9 million consumers, Dashers, and merchants who joined our platform on or before April 5, 2018, are affected.Users who joined after April 5, 2018 are not affected.The type of user data accessed could include:
- Profile information including names, email addresses, delivery addresses, order history, phone numbers, as well as hashed, salted passwords — a form of rendering the actual password indecipherable to third parties.
- For some consumers, the last four digits of consumer payment cards. However,full credit card information such as full payment card numbers or a CVV was not accessed. The information accessed is not sufficient to make fraudulent charges on your payment card.
- For some Dashers and merchants, the last four digits of their bank account number. However,full bank account information was not accessed. The information accessed is not sufficient to make fraudulent withdrawals from your bank account.
- For approximately 100,000 Dashers, their driver’s license numbers were also accessed.
Oh good, glad to hear not every user was affected, just a measly 4.9 MILLION people. No big deal. Chump change, right? WRONG. Anytime there's any sort of data breach by any of these corporations, it's a good time to just go ahead and change out that password, you just never know. But then you read further and realize that's the least of your worries. Hackers got not just the last four digits of credit cards, but addresses, phone numbers, profiles, likes and dislikes, etc. Now, of course the official DD statement says that full credit card numbers and CVV numbers weren't accessed but how can they be so sure? I'd be changing everything if I got an email from them directly saying my info was taken. Luckily, I joined after May of this year thanks to Uber Eats and Grubhub drivers taking my food and leaving me with an empty stomach and a few hundred out of my bank account. I guess I just need to start cooking...or socializing by actually walking INTO a restaurant to eat...Damn.