An unauthorized third-party hacked into the database of DoorDash on May 4, affecting 4.9 million users, the company food delivery app confirmed in a Friday blog post.
The hacker or hackers could have gained access to names, contact information, addresses, the last four digits of users’ credit cards and the license numbers of about 100,000 delivery drivers, according to the blog post.
“We immediately launched an investigation and outside security experts were engaged to assess what occurred,” DoorDash spokeswoman Mattie Magdovitz said in a statement to TechCrunch. (RELATED: Equifax Forced To Pay $700 Million In The Largest Data Breach Settlement In History)
Breaking: DoorDash confirms a data breach affected 4.9 million consumers, delivery workers, and merchants. https://t.co/1XQHxSZOn3
— Zack Whittaker (@zackwhittaker) September 26, 2019
DoorDash added that full payment card information and bank information, however, were not accessed in the breach. The company also believes passwords are safe and that the breach only affected users who joined the app after April 5, 2018, according to the blog post.
The delivery company added that it has taken steps to block the hacker after they first learned of the breach earlier in September and is reaching out to those users who may have been affected. It is also taking steps to improve security measures on the app.
DoorDash did not immediately respond to the Daily Caller News Foundation’s request for comment.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.