Breach Database / DoorDash
Yes — DoorDash was breached.
- 367,476 accounts affected
- Breach occurred 2022-08-02 · doordash.com
- Verified entry in the Have I Been Pwned catalog
What happened
In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.
What data was exposed
- Email addresses
- Geographic locations
- Names
- Partial credit card data
What to do right now
- Watch your card and bank statements. Set up transaction alerts, and consider a card freeze or replacement if the exposure included full card numbers.
- Expect convincing phishing emails. Attackers use breached details to write personalized emails. Be suspicious of any message referencing this service.
- Check your other accounts on Have I Been Pwned. Your email address may appear in other breaches you don't know about yet.
- Monitor the apps you use going forward. Clearly watches the breach record for the companies behind your apps and alerts you the moment one appears.
Breach data from Have I Been Pwned. Listing here means the service appears in the public breach record — not that your personal data was affected.