DoorDash has disclosed a cybersecurity incident the place unauthorized actors gained entry to consumer contact data following a social engineering assault focusing on an organization worker.
The meals supply platform confirmed that non-public information was compromised. Nevertheless, it highlighted that no delicate monetary or government-issued identification data was accessed.
On October 25, 2025, DoorDash recognized unauthorized third-party entry to its methods ensuing from a social engineering rip-off focusing on an worker.
The corporate’s safety crew shortly detected the intrusion, terminated the unauthorized entry, and launched an investigation into the incident.
Regulation enforcement authorities have been notified and are conducting an ongoing investigation. The breach affected consumer contact data, which diverse by particular person.
Uncovered information might have included first and final names, telephone numbers, e-mail addresses, and bodily addresses. DoorDash said that no delicate data was accessed throughout the incident.
Notably, Social Safety numbers, government-issued identification numbers, driver’s license particulars, and financial institution or cost card data remained safe.
DoorDash reported no proof that the stolen information had been misused for fraud or identification theft functions. DoorDash has applied a number of safety enhancements following the breach.
The corporate deployed upgraded safety methods designed to detect and stop related malicious actions.
Further worker coaching applications specializing in social engineering consciousness have been launched to strengthen defenses in opposition to future assaults.
An exterior cybersecurity agency was introduced in to help the investigation and supply specialised experience. DoorDash targeted on its dedication to steady safety enchancment and defending consumer privateness.
DoorDash tells affected customers to watch out about sudden messages that ask for private data.
Customers ought to keep away from clicking unsafe hyperlinks or downloading attachments from unknown sources and chorus from sharing private information on unfamiliar web sites.
Observe us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.
