Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Food delivery is becoming increasingly popular, but here’s bad news for users of one popular company. DoorDash certain It suffered a data breach recently. According to the company, the information accessed included customer names, phone numbers, email addresses and physical addresses, but no “sensitive information” was obtained.
It’s unclear exactly when the hack occurred, but DoorDash issued its statement about the incident on November 13.
Don’t miss any of our unbiased technical content and lab reviews. Add CNET As Google’s preferred source.
How did the data breach happen?
DoorDash reported that an employee at the company “was recently targeted in a social engineering scam.” Information about delivery drivers and customers has been revealed.
After discovering the scam, the company’s response team removed the unauthorized party’s access and reported the incident to law enforcement. DoorDash has since “implemented additional training and awareness for our employees on several social engineering scams,” the company says.
Is my credit card information at risk?
According to DoorDash, the criminals were not able to access banking or payment card information, but they did obtain customer names, phone numbers, email addresses, and physical addresses.
DoorDash also stated that the company has improved its security systems to prevent a similar breach from occurring in the future.
I use DoorDash: What should I do?
Criminals don’t have your banking information, but they may have your personal information. Be wary of messages that may try to scam you using these details.
“It’s always a good idea to be wary of unsolicited communications that ask for your personal information or refer you to a web page asking for personal information, and avoid clicking on links or downloading attachments from suspicious emails,” DoorDash said in its post.
Beware of social engineering scams
There’s something else we can learn from the DoorDash hack. Although we don’t have many details on how to contact the employee, the company says the person was targeted Social engineering. This could mean anything from a criminal posing as a company IT employee, or a co-worker who needs information, to someone sending a malicious link disguised as something useful.
Stay alert to these scams. Look for red flags, like strangers who claim to need information right away, a link that doesn’t match the expected URL, and people contacting you through social media channels they don’t normally use. Choose strong passwords and never share them.
Read more: The scariest online threats of 2025, and how to protect your privacy
Are data breaches common?
As you probably know if you’ve ever received a breach letter from a company, this is a common occurrence in our digital world. CNET previously reported that in 2024companies had 3,158 data breaches.