DoorDash has confirmed that it has gone through a breach of data, which has affected more or less 4.9 million people from the fraternity of merchants and deliver people. In a recent blog, which was posted on Thursday, DoorDash stated that it has noticed some unusual activities from a 3rd party vendor earlier this month.
After sufficient investigation of the activity was conducted, it was revealed on March 4, 2019 that an unauthorized 3rd party vendor was getting access to the user database of DoorDash. Following this revelation, DoorDash stated that it immediately tool counteractions for blocking further access to its database by that unauthorized vendor. At the same time, it said it has improved the safety and security of its database to thwart any such unauthorized access from any quarter in the future.
Those who were affected by the access had joined DoorDash either on or before April 5, 2018. Those who had joined after that date were not affected. The company in this regard had revealed that it will be notifying all those who were affected by the incident. This was revealed by the company in a blog post.
The breach that took place included data like email addresses and names, order history and delivery addresses, phone numbers and encrypted password versions. In some cases, the final four digits of the payment card number and the bank accounts were accessed. However, it was revealed in the blog post that the information regarding the bank account and the full number of the payment car were not breached and accessed. However, almost 100,000 delivery personnel had their driver license numbers were used.
Following the security breach, DoorDash has added additional safety and security layers for protecting people’s database and has improved the protocols needed to gain access to the data in the future. The on-demand food delivery service has advised those who are not affected but are concerned about the breach to change respective passwords.