In Brief Posted: 7:27 AM PST · November 17, 2025 Image Credits:Tibrina Hobson / Getty Images DoorDash disclosed a data breach that exposed the personal information of an unspecified number of users, which included names, email addresses, phone numbers, and physical addresses. Despite the fact that hackers stole phone numbers and physical addresses, DoorDash said that “no sensitive information was accessed by the unauthorized third party and we have no indication the data has been misused for fraud or identity theft at this time.” DoorDash said in the post that the breach impacted a mix of customers, delivery workers, and merchants. Company spokesperson Michelle Babin did not respond when asked exactly how many users were victims of the breach. Instead, Babin sent a statement that largely echoed the blog post about the breach. The breach originated from an employee falling for a social engineering attack. When the company identified the breach, it shut down the hackers’ access to its systems, started an investigation, and reported the incident to law enforcement, according to a post published last week by the company. DoorDash said no “Social Security numbers, other government-issued identification numbers, driver’s license information, or bank or payment card information” were stolen as part of the breach. The company said it has notified impacted users. This story has been updated to include DoorDash’s spokesperson response. Topics Subscribe for the industry’s biggest tech news Latest in Security