DoorDash Says Personal Information Stolen in Data Breach

Names, addresses, email addresses, and phone numbers were compromised after an employee fell for a social engineering attack.

Food delivery company DoorDash is notifying users, Dashers, and merchants of a recent data breach that led to personal information compromise.

The incident was discovered on October 25, the company says in the notifications sent to the impacted individuals, copies of which have been shared on social media.

The data breach was the result of a social engineering attack that targeted one of DoorDash’s employees, the company said in an incident notice on its website.

“The response team identified the incident, shut down the unauthorized party’s access, started an investigation, and referred the matter to law enforcement,” DoorDash says.

The attackers stole user information such as names, addresses, email addresses, and phone numbers. The compromised data pertains to customers, Dashers, and merchants, the company said.

“No sensitive information, such as ...