DoorDash data breach exposes customer names, emails and addresses
NEWYou can now listen to Fox News articles!
DoorDash has confirmed a data breach that exposed the personal information of customers, delivery workers and merchants. The stolen information included names, email addresses, phone numbers and physical addresses. The company said there was no evidence of fraud linked to the breach so far, but the incident still raises concerns for anyone using the service.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent safety alerts and special deals straight to your inbox. You’ll also get instant access to my Ultimate Scam Survival Guide — free when you join me CYBERGUY.COM bulletin.
DoorDash said an employee fell for a social engineering scam that allowed an unauthorized party to access basic contact information. (Door Indicator)
How did the DoorDash breach occur?
The company traced the incident to a social engineering attack. An employee fell into a trap that gave hackers access to DoorDash systems. After detecting the breach, the company shut down access, launched an investigation, and notified law enforcement. DoorDash also notified users directly when necessary.
The company confirmed the names, email addresses, phone numbers and physical addresses of some people in its system that were exposed in the incident. (Door Indicator)
Who was affected by the DoorDash breach?
DoorDash said the breach affected several users on its platform. This includes customers, delivery workers and merchants. CyberGuy reached out to DoorDash and a representative gave us the following statement:
“DoorDash recently detected and closed a cybersecurity incident in which an unauthorized third party accessed and obtained basic contact information for some users whose data was retained by DoorDash. No sensitive information, such as Social Security numbers or other government-issued identification numbers, driver’s license information, or bank or payment card information, was accessed. The information accessed varied by individual and was limited to names, phone numbers, email addresses, and physical addresses. We implemented enhanced security measures, implemented additional employee training, and engaged an external cybersecurity firm. Please visit our Help Center for more information to support our ongoing research.”
ARE YOU LOOKING FOR A CHEAP CHEESEBURGER? 10 AMERICAN CITIES OFFERING THE BEST FOOD DEALS
If you receive an alert from the company, take steps to protect your information. If you’re using the app but haven’t received a notification, you should still follow the security tips below because exposed contact information could lead to fraud long after the breach.
DoorDash said no sensitive information was accessed and investigators found no signs of fraud or identity theft linked to the breach. (Door Indicator)
How to protect yourself after a DoorDash breach?
Although payment data remains protected, exposed contact information can still open the door to payments. fraud. You can reduce your risk with a few smart steps that will keep your information safer online.
1) Watch out for phishing attempts
Scammers act quickly after a breach. They often send fake alerts that look like real DoorDash messages. These emails or texts may claim that you need to verify your account or update your payment details. Delete any messages that ask for personal information or ask you to click on a link. When in doubt, go directly to the official app rather than relying on a message.
2) Use a data removal service
Data brokers collect and resell personal details, which scammers often exploit. A data removal service works to pull your information from these sites. This limits your exposure and makes it harder for criminals to target you. It’s one of the easiest long-term steps you can take to protect your privacy.
HAS YOUR PHONE BEEN HACKED? HOW TO EXPLAIN AND WHAT TO DO?
While no service can guarantee complete removal of your data from the internet, a data removal service is truly a smart choice. They’re not cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically deleting your personal information from hundreds of websites. This is what gives me peace of mind and has proven to be the most effective way to delete your personal data from the internet. By limiting the information available, you reduce the risk of fraudsters cross-referencing data obtained from breaches with information they can find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and run a free scan to see if your personal information is already on the internet by visiting: cyberguy.com.
Take advantage of free scanning to find out if your personal information is already on the internet: cyberguy.com.
3) Use strong passwords and a password manager
Stronger passwords give you better protection. Create unique passwords for each account so no single breach can unlock your digital life. A password manager makes this easy by creating secure passwords and storing them securely. It also autofills them so you spend less time typing.
Next, see if your email has been subject to past breaches. Our #1 password manager (see cyberguy.com) pick includes a built-in breach scanner that checks to see if your email address or passwords appear in known leaks. If you find a match, immediately replace reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at: cyberguy.com.
4) Turn on multi-factor authentication
Multi-factor authentication (MFA) adds a simple barrier that blocks most intrusion attempts. When you turn it on, you confirm each sign-in with a code or app prompt. This keeps your account safe even if someone learns your password. Most major apps allow you to enable this setting in the Security section.
5) Use strong antivirus protection
Powerful antivirus software protects you from malicious links and downloads. It scans files in real time and alerts you when something looks dangerous. This gives you an extra layer of defense against phishing attempts that try to install malware.
The best way to protect yourself from malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection also keeps your personal information and digital assets safe by alerting you to phishing emails and ransomware scams.
Get my picks for the 2025 best antivirus protection winners for your Windows, Mac, Android, and iOS devices at: cyberguy.com
6) Review your account activity
DoorDash helps you check your account for anything unusual. See your order history, registered addresses and payment methods. If there is a problem, update your password and contact DoorDash support immediately. Taking quick action can prevent a small problem from becoming a larger problem.
Kurt’s important takeaways
A breach like this reminds us how quickly cybercriminals can exploit a single mistake. DoorDash moved quickly to cut off access and verify the damage, but exposed contact information could still pose a risk. Being careful and using basic safety habits can help you avoid problems.
CLICK TO REACH THE FOX NEWS APPLICATION
What concerns you most about companies holding your personal information and how would you like them to handle such incidents? Let us know by writing to us. cyberguy.com
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent safety alerts and special deals straight to your inbox. You’ll also get instant access to my Ultimate Scam Survival Guide — free when you join me CYBERGUY.COM bulletin.
Copyright 2025 CyberGuy.com. All rights reserved.
