Global News is reporting Food delivery app DoorDash says it is enhancing security after being hit by a data breach earlier this year that potentially affects 4.9 million consumers, couriers and merchants in Canada and the U.S.
In a blog post on Thursday, the company said customer data that was accessible may include names, order history, email addresses, phone numbers and “hashed, salted passwords” that would be indecipherable to anyone viewing them.
The last four digits of some customer payment cards and driver and merchant bank accounts were also potentially viewed, though the company said such financial information is not enough to make fraudulent purchases or withdrawals.
The app, similar to Uber Eats, Foodora and Skip the Dishes, allows customers to pay for meals from a list of participating restaurants and have them delivered.
DoorDash offers the service in 78 Canadian cities, including major centres such as Toronto, Montreal and Vancouver, and says it is on track to expand to 100 cities by the end of the year.
The company declined to say how many Canadian users were affected, citing security concerns. “We have directly notified those individuals who are involved,” a spokesperson said via email