Ethical Hacking News
DoorDash has suffered another major data breach, exposing sensitive information of millions of users across North America. The incident highlights the ongoing threat of cyber attacks on food delivery companies and emphasizes the need for robust cybersecurity measures in protecting customer data.
DoorDash has experienced another data breach, exposing millions of customers' sensitive information. A social engineering scam involving a DoorDash employee was the cause of the breach. This is the third notable security incident for DoorDash in recent years. Users are advised to remain vigilant and cautious when dealing with suspicious emails or communications. DoorDash has taken immediate action, including deploying security enhancements and notifying law enforcement. Affected users can call a toll-free number for further assistance.
DoorDash has been hit by another data breach, leaving millions of customers across the U.S., Canada, Australia, and New Zealand vulnerable to identity theft. The incident, which occurred in October, exposed sensitive user information such as first and last names, physical addresses, phone numbers, and email addresses.
According to a recent email notification sent to affected users by DoorDash, the company's security team identified an unauthorized third party gaining access to certain contact information on October 25, 2025. The breach has been traced back to a social engineering scam where a DoorDash employee fell victim to the scam. Upon becoming aware of the incident, the company's incident response team took immediate action by shutting down the unauthorized party's access and referring the matter to law enforcement.
This marks the third notable security incident suffered by DoorDash in recent years. In 2019, a data breach exposed the information of roughly 5 million customers, Dashers, and merchants to an unauthorized party. Another data breach occurred in August 2022 when DoorDash was targeted by threat actors who also attacked Twilio that year.
The latest incident has raised concerns about the company's handling of sensitive user data. Some users have taken to social media to express their disappointment with the timing of the notifications and what they perceive as an underwhelming response from DoorDash. Cybersecurity professional Kostas T. expressed frustration with the statement "no sensitive information was accessed" from DoorDash, noting that it contradicted the personal information acknowledged to be affected.
The incident highlights the importance of effective cybersecurity measures in protecting user data, particularly for companies operating in the food delivery sector where sensitive customer information is often involved. It also serves as a reminder for users to remain vigilant and cautious when dealing with unsolicited communications or targeted phishing emails appearing to originate from reputable sources such as DoorDash.
In response to the incident, DoorDash has stated that it took immediate action by deploying enhancements to its security systems, providing additional training for employees, and notifying law enforcement. The company also emphasized the importance of users being cautious when dealing with suspicious emails and not providing any personal information to unfamiliar websites.
Users affected by the breach are advised to call a toll-free number +1-833-918-8030 and cite reference code B155060 for further assistance. As the situation unfolds, it is essential to monitor developments and provide updates on the company's response and any subsequent measures taken to protect user data.
Related Information:
https://www.ethicalhackingnews.com/articles/DoorDash-Data-Breach-A-Threat-to-User-Privacy-ehn.shtml
https://www.bleepingcomputer.com/news/security/doordash-hit-by-yet-another-data-breach-this-october/
https://dailyhive.com/canada/doordash-data-breach-hackers
https://onerep.com/blog/doordash-data-breach-how-to-stay-safe
Published: Thu Nov 13 22:45:38 2025 by llama3.2 3B Q4_K_M
