Hackers Stole the Data of 4.9 million DoorDash Users. Here's How to Tell If You Were Affected.

Hackers stole information including names, delivery addresses, contact information, and some credit card information.

By Aaron Holmes

Smith Collection | Gado | Getty Images

This story originally appeared on Business Insider

Delivery service DoorDash suffered a data breach earlier this year that affected the information of 4.9 million users, delivery workers, and restaurants, DoorDash announced Thursday afternoon.

The breach occurred on May 4 and affects people who started using the app before April 5, 2018.

As a result of the breach, an unauthorized third party was able to gain access to users' profile information, including names, email addresses, delivery addresses, order history, and phone numbers.

Related: For the Average Hacker, Your Small Business Is an Ideal Target

The last four digits of some consumers' credit cards were also accessed, but not full card numbers or CVVs. For some delivery workers and restaurants, the unauthorized third party accessed the last four digits of bank account numbers. This credit card and banking information is not sufficient to make fraudulent charges or withdrawals, according to DoorDash.

DoorDash recently surpassed Uber Eats to become the second-largest food delivery service in the US after GrubHub, the parent company of Seamless and Eat24, according to Quartz. It is valued between $6 billion and $7 billion.

Related: Reddit Hacked, Despite SMS Two-Factor Authentication

Months before the data breach was announced, the food delivery app drew controversy over its decision to use tips to subsidize delivery workers' wages, rather than giving tips directly to workers. DoorDash has since announced changes to its tipping policy.

Am I affected by the DoorDash data breach?

DoorDash said it has begun contacting people affected by the data breach and will continue to do so in the coming days.

Anyone who joined DoorDash after April 5, 2018 is not affected and can rule themselves out as a potential victim of the breach.

Related: Why We Need to Worry More Than Ever About Getting Hacked

Even if you haven't been contacted by DoorDash regarding the breach, the app recommends that all users change their password immediately to be safe.

If you have questions for DoorDash about the breach, the company has also set up a help line that can be reached at 855-646-4683.

Read DoorDash's full statement on the breach here.

Related Topics

Editor's Pick

This 61-Year-Old Grandma Who Made $35,000 in the Medical Field Now Earns 7 Figures in Retirement
A 'Quiet Promotion' Will Cost You a Lot — Use This Expert's 4-Step Strategy to Avoid It
3 Red Flags on Your LinkedIn Profile That Scare Clients Away
'Everyone Is Freaking Out.' What's Going On With Silicon Valley Bank? Federal Government Takes Control.

How to Detect a Liar in Seconds Using Nonverbal Communication

There are many ways to understand if someone is not honest with you. The following signs do not even require words and are all nonverbal queues.

Business News

Bad Bunny Is Being Sued By an Ex for $40 Million for Allegedly Using a Voice Note in a Song Without Consent

The Puerto Rican musician has been the most streamed artist on Spotify for the past three years.

Thought Leaders

Finding Investors 101: Understanding Securities Law and Legal Compliance Structures

Learn the basics of legal compliance structures and equip yourself with the foundation to seek and secure investors in a legally compliant way.


Corporate Productivity in the Tech Industry Is Down: What Is the Real Reason?

Why technology professionals are showing a massive decline in productivity since returning to the office.