Meal delivery service DoorDash says there was a data breach and information related to 4.9 million customers, delivery executives and restaurants may have been leaked.
The company, which expanded outside of North America in early September with a launch in Melbourne, said in a blog post that the data was accessed by an unauthorised third-party service provider on May 4.
The last four digits of payment cards for some consumers and the last four digits of the bank account numbers for some delivery executives and restaurants may have been leaked.
The data may have also included profile information such as names, emails, delivery addresses, phone numbers, as well as the driver’s licence numbers of nearly 100,000 delivery executives.
The US-based company got to know of the breach earlier this month and said it was investigating the incident.
Users who had joined after April 5, 2018 were not affected, DoorDash said.