Class Action Lawsuit Filed Over DoorDash Data Breach
Last months, food-delivery service DoorDash said Thursday that the personal data of 4.9 million customers, workers and merchants was compromised earlier this year through an unnamed third-party service provider. The leaked data may have included names, addresses, partial credit card numbers etc. Passwords were also compromised, though in an undecipherable form.
Now, DoorDash customers and drivers have filed a class action lawsuit. The lawsuit says the food delivery company did not do enough to protect their personal information. Plus, the company only informed users about the issue in the last week of September 2019, noting that the company waited at least five months to inform affected individuals.
The lawsuit claims that the company’s failure to inform the public in a timely manner prevented the affected individuals from taking action to protect their identity, through actions like canceling credit cards and changing passwords.
The DoorDash identity theft class action lawsuit also implies that the information breach was more severe than DoorDash expressed. Reportedly, the company speculated that passwords were not among the pieces of information breached, but allegedly urged customers to change all passwords to online accounts including their DoorDash accounts, and to create a password unique to their DoorDash accounts.
The DoorDash Data Breach Class Action Lawsuit is Melissa Nelson v. Doordash Inc., Case No. 1:19-cv-05622-RRM-RLM, in the U.S. District Court for the Eastern District of New York.