DoorDash says personal information of 4.9M users stolen in data breach

Door Dash is warning that about 4.9 million users of its food delivery app had their personal information stolen during a data breach.

The California-based company says in a statement it launched an investigation after it noticed suspicious activity involving a third-party service provider and determined some Door Dash user data was accessed on May 4. It wasn’t immediately clear when it discovered the breach.

The food delivery app company believes the breach affects about 4.9 million customers, drivers and merchants who joined the app on or before April 5, 2018.

The stolen data may include profile information, the last four digits of consumer payment cards or bank account numbers, and driver’s licence numbers.

However, the company says the perpetrator did not obtain enough information to make fraudulent charges on customers’ payment cards or fraudulent withdrawals from driver and merchants’ bank accounts.

The company is reaching out directly to affected users, though may not have yet connected with every individual involved.

It is encouraging users to change their passwords via a dedicated reset site, and has set up a call centre for round-the-clock support.