A smartphone displaying the DoorDash logo.

By Chris Spiker From Daily Voice

Users and delivery workers for DoorDash had some of their personal information stolen in a large data breach.

DoorDash confirmed the "cybersecurity incident" in a notice posted on Thursday, Nov. 13. The food delivery app said an employee was targeted in a social-engineering scam, allowing an "unauthorized third party" to access some users' basic contact information.

The company says its team identified the breach and cut off access to the personal data, opened an investigation, and referred the case to law enforcement.

"At DoorDash, we believe in continuous improvement and getting 1% better every day," the company said in its post. "We are committed to protecting your privacy and have already taken the following steps to help prevent events like this from happening again."

DoorDash said the breach affected "some users whose data is maintained by DoorDash," including customers, drivers, and businesses. The leaked data may have included first and last names, phone numbers, email addresses, and physical addresses.

The company also said that no "sensitive information" was accessed, such as Social Security numbers, driver's license information, or payment info. Affected users were notified "where required," and the company says it doesn't believe the leaked data has been used for fraud or identity theft.

Anyone with questions about the data breach can call DoorDash at 1-833-918-8030, using the reference code "B155060."