A DoorDash data breach exposes personal customer data

Ecommerce delivery service DoorDash Inc. said hackers who breached the computer system of a vendor exposed customer data, including phone numbers, email and delivery addresses.

The hackers got access to some of DoorDash’s internal tools by using a phishing attack on a third-party vendor that exposed employee credentials, the company said Thursday in a blog post. But DoorDash said it “swiftly disabled” the vendor’s access to its systems. It didn’t name the vendor.

The DoorDash blog post said: “Importantly, the phishing campaign did not compromise sensitive information, and we have no reason to believe that affected personal information has been misused for fraud or identity theft at this time.”

Want to read more? Unlock Free Strategy Membership