Shared from delish

If you’re nervous, change your password.

Photo Credit: SOPA Images/Getty Images

Delivery service DoorDash just announced that it has experienced a data breach that affects around 4.9 million user accounts including customers, merchants, and delivery workers.

DoorDash released a blog post on the matter on Thursday, stating that the service noticed unusual activity from an unnamed “third-party service provider.” When they looked into it, they realized that a third-party service had been able to access DoorDash user data on May 4 of this year.

The post stated that the data breach exposed “profile information including names, email addresses, delivery addresses, order history, phone numbers, as well as hashed, salted passwords” (AKA passwords that are unusable to third parties). It also may have included the last four digits of customers’ credit and debit cards, and the last four digits of merchants and “Dashers” (aka delivery workers’) account numbers. DoorDash was sure to clarify in the blog post that full payment info or account numbers were not accessed and that the info accessed is not enough for someone else to use those cards and accounts. About 100,000 Dashers’ driver’s license numbers were also breached.

Read more…