Customer details accessed by ‘unauthorized party’ in DoorDash data breach

DoorDash has said personal details of some customers and drivers had been accessed by an “unauthorised party” in a phishing attack on a third-party vendor. The unauthorised party, which used stolen credentials of the vendor’s employees to gain access to some internal tools, also got hold of names, phone numbers or email addresses of some drivers, customer payment details.