Doordash Data Breach Lawsuit Investigation
Were you affected?
Doordash announced on September 26 2019, that it had suffered a data breach, exposing sensitive information of 4.9 million customers, merchants, and Doordash drivers. Doordash said the breach compromised names, email addresses, order histories, phone numbers, delivery addresses, and passwords. Some users also had partial credit card numbers stolen, and 100,000 Doordash drivers had their driver’s license number compromised, reports Wired.
Affected by the Doordash breach?
Contact us to learn about your options. Free consultation. No obligation.
How did the Doordash data breach occur?
Doordash said that in early September 2019, it became aware of “unusual activity” from a third-party service. Doordash says it hired “outside security experts” to figure out what happened, and they determined that a hacker had gained access to Doordash user data on May 4, 2019. Doordash says that it has added “additional protective security layers around the data,” after learning of the attack.
Am I affected by the Doordash data breach?
Doordash says that 4.9 million users were affected, but only users who joined before April 5, 2018. If you created your Doordash account after 4/5/2018, you were not impacted, according to Doordash.
Doordash says that it is reaching out directly to affected individuals. It did not say how (such as through email or through the Doordash app).
Doordash also says that to find out if you’re affected, you can call its “dedicated call center available 24/7 for support at 855–646–4683.”
What information was compromised in the Doordash breach?
Doordash says that different types of data were compromised for different categories of individuals. Depending on your category, the following data may have been stolen:
- Email address
- Delivery address
- History of Doordash orders
- Phone numbers
Although the passwords were “hashed,” Doordash recommends that users change their passwords by visiting www.doordash.com/accounts/password/reset.
- Last four digits of credit card or debit card
Dashers and Merchants
- Last four digits of bank account number
- Driver’s license number
Our Data Breach Lawyers
A founding partner at the firm, Eric has negotiated groundbreaking settlements that favorably shaped laws and resulted in business practice reforms.View full profile
David represents consumers in data breach, privacy, and financial services litigation. He has prosecuted some of the largest privacy cases nationwide.View full profile
Amanda represents employees, consumers, and sexual assault survivors in complex class actions. She also leads the firm’s Voting Rights Task Force.View full profile
Aaron represents consumers, employees, and whistleblowers in class actions and other complex litigation.View full profile
Our Data Breach Experience
Our attorneys recently won two prestigious awards for our work in data breach lawsuits. Eric Gibbs received a 2018 “MVP” award and 2019 CLAY award (“California Attorney: Lawyer of the Year”) for his work successfully representing data breach victims.
Our attorneys served in a court-appointed leadership role in the Anthem data breach class action, and helped achieve a $115 million settlement for victims of the Anthem data breach. The settlement received final approval from the court in August 2018.
Gibbs Law Group is a California-based law firm committed to protecting the rights of clients nationwide who have been harmed by corporate misconduct. We represent individuals, whistleblowers, employees, and small businesses across the U.S. against the world’s largest corporations. Our award-winning lawyers have achieved landmark recoveries and over a billion dollars for our clients in high-stakes class action and individual cases involving consumer protection, data breach, digital privacy, and federal and California employment lawsuits. Our attorneys have received numerous honors for their work, including “Top Plaintiff Lawyers in California,” “Top Class Action Attorneys Under 40,” “Consumer Protection MVP,” “Best Lawyers in America,” and “Top Cybersecurity/ Privacy Attorneys Under 40.”