Montanans Likely Affected by Latest DoorDash Data Breach
The exact number of DoorDash users and drivers affected by a new data breach has not been released yet.
Certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and partial payment card info have been affected.
If exploited, cybercriminals can create profiles to target victims with spam or phishing attempts which could lead to identity theft.
-(LifeLock email to LifeLock customers on August 26th, 2022)
Frustratingly few details are available about this latest breach, so until hard numbers are released...the best thing to do is protect your account and consider changing your password. I did not know anything about this DoorDash data breach (as a DoorDash user, BTW) until receiving an email from LifeLock:
A data security incident has surfaced. You may or may not have been affected, but as always, we want to remind you that you can take steps to help protect yourself. Check to make sure that you’re updating any software you use, changing your passwords often, and always watching out for phishing attempts.
Not surprisingly, DoorDash has stated that a "small percentage" or users' information was hacked and gathered. That's not particularly helpful when you're trying to figure out if your account was affected in any way.
This current data breach was linked to a third party vendor that fell victim to a phishing attack, and that third party had limited access to certain parts of the DoorDash platform. It has not been disclosed exactly which third party vendor it was or who DoorDash hired to help clean up the breach.
As of now, there's no way to know what the real numbers are but this isn't the first time that DoorDash has been hacked. According to TechCrunch.com:
In 2019, the company reported a data breach affecting 4.9 million customers, delivery workers and merchants who had their information stolen by hackers. It also blamed the breach on an unnamed third-party service provider.