About 4.9 million people may have had some credit card and bank information exposed in a DoorDash hack last month.
Though DoorDash said in a blog late last week that the company doesn’t think passwords were breached, leaders recommended changing all account passwords to something unique to DoorDash.
The company that delivers food from several restaurants said the nearly 5 million people impacted all joined on or before April 5, 2018. Anyone who joined after that was not affected, according to the blog post.
Accessed information included names, email addresses, delivery addresses, order history, phone numbers and a form of the passwords that’s coded and indecipherable to third parties.
Some consumers also had the last four digits of their credit and debit cards made available, along with the last four digits of their bank account numbers. No full account numbers were revealed and no CVV numbers were accessed, according to the blog.
The financial information breached can’t result in fraudulent charges, according to the statement.
Consumers who may have had information stolen should be on the lookout for subsequent phone and email solicitation and phishing scams, though, said Natalie Dunlevey, president of National Processing Solutions.
The driver’s license numbers of 100,000 drivers were also breached, according to the post.
DoorDash said it closed off outside access, and has taken on extra security since the breach.
“We deeply regret the frustration and inconvenience that this may cause you. Every member of the DoorDash community is important to us, and we want to assure you that we value your security and privacy,” the company said.
FIVE FAST READS
Thank you for reading the Journal-News and for supporting local journalism. Subscribers: log in for access to your daily ePaper and premium newsletters.
Thank you for supporting in-depth local journalism with your subscription to the Journal-News. Get more news when you want it with email newsletters just for subscribers. Sign up here.