DoorDash faces new challenges after disclosing a cybersecurity incident and individually agreeing to a authorized settlement with the Metropolis of Chicago over longstanding allegations of misleading enterprise practices.
On November 13, DoorDash confirmed in a discover to customers that it skilled an information breach brought on by a social engineering assault concentrating on an worker.
The breach, which occurred on October 25, allowed an unauthorized individual to entry the private info of sure customers, together with Dashers and retailers, comparable to names, e-mail addresses, cellphone numbers, and bodily addresses.
DoorDash acknowledged that it revoked the entry instantly and notified the affected customers. Regulation enforcement is now investigating the incident.
ADoorDash knowledge breach comes as its inventory is down 20% this month.
Picture supply: Shutterstock
DoorDash reacts to knowledge breach
DoorDash has emphasised that no delicate knowledge, comparable to fee info, authorities IDs, or Social Safety numbers, had been uncovered by the info breach, and stated there isn’t a “indication the data has been misused for fraud or identity theft at this time.”
The breach triggered backlash on-line, with Reddit customers criticizing DoorDash for downplaying names and residential addresses as “non-sensitive” info.
Associated: DoorDash’s 2026 plans rattle traders after earnings report
The corporate stated it’s reinforcing worker coaching and strengthening authentication protocols to stop future incidents.
The incident comes throughout a interval of heightened inventory market volatility. Whereas DoorDash’s inventory has carried out nicely yr up to now, up 23.8%, it’s down 21% this month and 16% over the quarter, reflecting investor uncertainty following its Q3 reviews earlier this month.
Authorized scrutiny provides to DoorDash’s challenges
On November 14, DoorDash agreed to pay $18 million to settle a 2021 lawsuit introduced by the town of Chicago, alleging hidden charges, misleading tipping practices, and unauthorized restaurant listings through the pandemic.
The settlement resolves claims that DoorDash misled diners with hidden charges, used tricks to subsidize its personal prices, and failed to tell clients that the entire tip doesn’t attain the Dasher.
Extra Retail Shares:
- Financial institution of America revamps Amazon inventory worth after earnings
- Kids’s retailer closing 150 shops, slashes jobs
- Greenback Tree CEO presents clients a pricing promise
- Amazon simply cracked the final mile: what it means for world retail
DoorDash acknowledged that this settlement “isn’t an admission of wrongdoing and the allegations in this lawsuit focus on business practices that no longer exist.”
In line with the phrases of the settlement:
- DoorDash pays $4 million in credit to eligible Chicago customers starting January 28, 2026.
- It should pay $3.25 million to eating places listed with out consent and at present not on the platform.
- $5.8 million will likely be paid in supply fee and market credit to eligible eating places.
- $500,000 will likely be for the drivers delivering meals orders in Chicago as of September 2019.
- $4.5 million will likely be paid to the Metropolis of Chicago to cowl the price of the lawsuit.
The lawsuit stemmed from a broader metropolis investigation into third-party meal supply firms, implicating DoorDash and its rival, Grubhub.
This Grubhub lawsuit remains to be pending.
Associated: Dwelling Depot to report key buyer developments this week
