ShellCodeX
Tools • Events • News • Insights
ShellCodeX Breach Report

DoorDash Data Breach

doordash.com
Limited exposure
Verified breach
Accounts exposed 367,476
Breach date 02 Aug 2022
Added to tracker 07 Jan 2023
Data classes 4

What happened

In August 2022, the food ordering and delivery service DoorDash disclosed a data breach that impacted a portion of their customers. DoorDash attributed the breach to an unnamed "third-party vendor" they stated was the victim of a phishing campaign. The incident exposed 367k unique personal email addresses alongside names, post codes and partial card data, namely the brand, expiry data and last four digits of the card.

Exposed data

Email addresses Geographic locations Names Partial credit card data

Recommended actions

  • Watch for targeted phishing emails referencing DoorDash — attackers weaponise breach data quickly.
  • Monitor your bank and card statements closely and consider requesting a card replacement.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP