
Food delivery service DoorDash has confirmed that it suffered a data breach in October 2025 in which some customers’ personal information was accessed. The company said the incident was the result of a social engineering scam targeting one of its employees.
Details of the Data Breach
DoorDash informed customers via email about the incident, providing details about the compromised information:
- Data affected: Names, phone numbers, physical addresses and email details.
- Data NOT affected: The company highlighted that confidential information, such as social security numbers, driver’s licenses or bank card and payment information, was not accessed.
So far, DoorDash has stated that there is no indication that the data has been misused for fraud or identity theft.
Cause of the Incident and Company Response
The primary cause of the breach was a social engineering scam that compromised an employee. DoorDash’s response included the following actions:
- The response team identified the incident and shut down unauthorized access to the network.
- An internal investigation was launched and an outside firm was hired to assist in the process.
- The matter was referred to law enforcement authorities.
- DoorDash implemented improvements to its security systems to prevent and detect similar malicious activity in the future.
- Issued additional employee awareness training on social engineering scams.
Historical Context and Conclusion
This incident marks DoorDash’s third security breach in the last six years. Previously, the company suffered an incident in 2019 that affected 5 million users and another compromise from a third-party vendor in 2022.
Although Wolt and Deliveroo operate under the DoorDash umbrella, customers of those two platforms were not affected by this particular breach.
Kiran Chinnagangannagari, director of product and technology at Securin, commented on the pattern of incidents: “For a platform that handles millions of transactions daily and maintains detailed delivery records for hundreds of millions of users, this pattern demands a fundamental reassessment of security.”