Once again, DoorDash has found itself in the headlines for all the wrong reasons. As if the app’s recent tipping scandal wasn’t enough, last Thursday, news broke that the third-party delivery company has been hacked.

In a blog post, DoorDash explained that it had noticed unusual activity from an unauthorized third-party service provider back in September. After conducting an investigation, the company concluded that the data of 4.9 million users had been compromised. On May 4, 2019 a group of hackers accessed their data.

Among the data included in the breach were the names, addresses, emails, phone numbers, and encrypted passwords of customers, delivery drivers, and restaurants alike. Roughly 100,000 delivery drivers’ license numbers were exposed, and information about customer and restaurant credit cards and bank accounts were also made available. 

What Does the Breach Mean for You?

While full bank account and payment information weren’t released, the hackers were able to gain access to the last four digits of customer cards and the final four digits of bank accounts for restaurants and delivery drivers. Luckily, DoorDash has assured all of its users that the information made available was not enough for hackers to be able to make fraudulent purchases. In other words, the hackers will not cause you financial ruin — it’s not the end of the world.

According to DoorDash, only those who created an account on or before April 5, 2018 were affected. As a result, users who joined DoorDash after the specified date do not need to be concerned that their data was leaked. Anyone who was affected by the breach should receive a notification from DoorDash, if they haven’t already.

In an attempt to prevent future breaches, DoorDash has blocked the initial hackers and is currently working to increase app security. In the meantime, the company has recommended that all users — whether or not they were affected by the breach — change their passwords immediately as a precaution. DoorDash has also recommended that those affected by the breach continue to monitor their bank accounts in case of suspicious activity.

DoorDash has set up a phone line for users who may have questions or concerns regarding the breach. For more information, the company can be contacted at 1-855-646-4683.