DoorDash data breach exposes customers’ names, emails and addresses
newYou can now listen to Fox News articles!
DoorDash has confirmed a data breach that exposed the personal details of a group of customers, delivery workers and merchants. The stolen information included names, email addresses, phone numbers, and physical addresses. The company said it has no evidence of fraud related to the hack yet, but the event still raises concerns for anyone using the service.
Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter.
DoorDash says an employee fell for a social engineering scam that allowed an unauthorized party to access basic contact information. (dash door)
How did the DoorDash hack happen?
The company traced the incident to a social engineering attack. An employee fell for a lure that gave hackers access to DoorDash’s systems. Once the company discovered the breach, it closed access, launched an investigation and notified law enforcement. DoorDash also notifies users directly when needed.
The company confirmed that the incident revealed the names, email addresses, phone numbers, and physical addresses of some people in its system. (dash door)
Who was affected by the DoorDash hack
DoorDash said the hack affected a mix of users across its platform. This includes customers, delivery workers and merchants. CyberGuy reached out to DoorDash and a representative gave us the following statement:
“DoorDash recently identified and closed a cybersecurity incident in which an unauthorized third party gained access to basic contact information for certain users whose data DoorDash maintains. Sensitive information, such as Social Security numbers or other government-issued identification numbers, driver’s license information, banking information or payment card information, was not accessed. The information accessed varied by individual and was limited to names, phone numbers, email addresses and physical addresses. We have deployed enhanced security measures, implemented additional employee training, We have engaged an external cybersecurity team to support our ongoing investigation. For more information, please visit our Help Center.
Looking for a cheap cheeseburger? 10 US cities with the best meal deals
If you receive an alert from the company, take steps to protect your information. If you’re using the app but haven’t received a notification, you should still follow the security tips below because exposed contact information can lead to scams long after the breach.
DoorDash says no sensitive information was accessed and investigators found no signs of fraud or identity theft related to the breach. (dash door)
How to protect yourself after a DoorDash hack
Although payment data remains protected, exposed contact details still open the door Tricks. You can reduce your risks with a few smart steps that keep your information safe online.
1) Watch out for phishing attempts
Fraudsters move quickly after a hack. They often send fake alerts that look like real DoorDash messages. These emails or text messages may claim that you need to verify your account or update your payment details. Delete any message that requests personal information or encourages you to click a link. When in doubt, go directly to the official app instead of trusting the message.
2) Use a data removal service
Data brokers collect and resell personal details which are often exploited by scammers. A data removal service pulls your information from those sites. This limits your exposure and makes it harder for criminals to target you. It’s one of the easiest long-term steps you can take to protect your privacy.
Has your phone been hacked? How to tell and what to do
While no service can guarantee complete removal of your data from the Internet, a data removal service is truly a smart choice. It’s not cheap, and neither is your privacy. These services do all the work for you by systematically monitoring and scraping your personal information from hundreds of websites. This gives me peace of mind and has proven to be the most effective way to clear your personal data from the Internet. By limiting the information available, you reduce the risk of fraudsters cross-referencing data from breaches to information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free check to see if your personal information really exists on the web by visiting Cyberguy.com.
Get a free check to see if your personal information is already on the web: Cyberguy.com.
3) Use strong passwords and a password manager
Stronger passwords give you better protection. Create unique passwords for each account so that no single hacker can open up your digital life. A password manager makes this easy by creating secure passwords and storing them securely. It also fills them in automatically, so you spend less time typing.
Next, check if your email has been exposed in previous breaches. Our #1 password manager (see Cyberguy.com) Choice includes a built-in penetration scanner that checks if your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
4) Turn on multi-factor authentication
Multi-factor authentication (MFA) adds a simple barrier that prevents most intrusion attempts. When you turn it on, you confirm each login with a code or app prompt. This keeps your account secure even if someone knows your password. Most major apps let you enable this setting in the Security section.
5) Use strong antivirus protection
Powerful antivirus software protects you from malicious links and downloads. It scans files in real time and warns you when something appears dangerous. This gives you an extra layer of defense against phishing attempts that attempt to install malware.
The best way to protect yourself from malicious links that install malware, and potentially access your private information, is to install strong antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware, keeping your personal information and digital assets safe.
Get my picks for the best antivirus protection winners of 2025 for Windows, Mac, Android, and iOS at Cyberguy.com
6) Review your account activity
It’s a good idea to check your DoorDash account for anything unusual. Look at your order history, saved addresses and payment methods. If something comes up, update your password and contact DoorDash support immediately. Quick action can prevent a small problem from turning into a bigger problem.
Key takeaways for Kurt
A hack like this reminds us how quickly cybercriminals can exploit a single mistake. DoorDash moved quickly to cut off access and confirm the damage, but exposed contact information still poses risks. Staying alert and using basic security habits can help you avoid problems.
CLICK HERE TO GET THE FOX NEWS APP
What concerns you most about companies holding your personal information, and how would you like to handle such incidents? Let us know by writing to us at Cyberguy.com
Sign up for my free CyberGuy report
Get the best tech tips, breaking security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – for free when you join my site CYBERGUY.COM Newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.