DoorDash faces data breach due to social engineering

According to HackRead, DoorDash is dealing with a data breach where an unauthorized individual obtained contact details of users, delivery drivers and merchants, highlighting the cybersecurity risks associated with social engineering attacks.

The breach, detected on October 25, 2025, occurred when an employee fell victim to a social engineering scam, allowing the attacker to access names, addresses, emails and phone numbers of individuals across DoorDash's operational regions. While sensitive data like credit card numbers was reportedly unaffected, the stolen information poses a significant risk for phishing and smishing attacks, raising concerns among users about potential misuse of their personal details.

The delay in notifying affected parties has sparked criticism and legal threats. The breach prompted DoorDash to enhance security measures, intensify employee training on cybersecurity threats and engage a cybersecurity forensics firm.

Source: HackRead