Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

DoorDash hit by network compromise

Incident
First reported
Last updated
Happening score
H score 9
2 unique sources, 2 articles

Summary

Hide ▲

DoorDash disclosed a cybersecurity incident that exposed user contact information after an unauthorized third party gained access to account-linked data. The affected information may include names, physical addresses, phone numbers, and email addresses, and DoorDash says the incident was identified on October 25, 2025. The company says it shut down the unauthorized access, started an investigation, and notified law enforcement while the full scope remains under review.

Related Happenings

Chinese state-sponsored campaign to hijack Notepad++ update traffic

Campaign
First: 02.02.2026 16:53 Last: 02.02.2026 16:53 Sources 1

About this happening: A **months-long campaign** hijacked **Notepad++ update traffic**, selectively sending some users to malicious servers and threatening the integrity of software updates. The operat...

Open Happening

ShinyHunters Salesforce extortion campaign against global companies in 2025

Campaign
First: 15.01.2026 17:45 Last: 15.01.2026 17:45 Sources 1

About this happening: The **ShinyHunters** campaign now includes a **Qantas** breach disclosed after the airline found a **June 30, 2025** intrusion in a **third-party platform** used by one customer s...

Open Happening

Almaviva hit by data theft breach

Incident
First: 20.11.2025 20:54 Last: 20.11.2025 20:54 Sources 1

About this happening: The **Almaviva** confirmed a **cyberattack** on its corporate systems that resulted in the theft of some data. The breach was detected by **security monitoring** and isolated afte...

Open Happening

DoorDash Business stored HTML injection email spoofing security flaw

Vulnerability
First: 17.11.2025 18:32 Last: 17.11.2025 18:32 Sources 1

About this happening: A **DoorDash for Business** stored HTML injection flaw let attackers send **official-branded emails** from **[email protected]**, creating a near-perfect phishing channel. The...

Open Happening

DoorDash user contact information leak

Data Leak
First: 14.11.2025 06:38 Last: 14.11.2025 06:38 Sources 1

About this happening: DoorDash disclosed that **user contact information** was taken in an **unauthorized access** incident identified on **October 25, 2025**, creating a risk of phishing and account-f...

Open Happening

Timeline

  1. 14.11.2025 06:38 1 articles · 6mo ago

    DoorDash unauthorized access after employee social engineering

    Exploitation Observed

    An unauthorized third party gained access to DoorDash user contact information after a DoorDash employee fell victim to a social engineering scam, with the compromised data varying by individual and including names, physical addresses, phone numbers, and email addresses.

    Show sources
    Open in new tab
  2. 14.11.2025 06:38 3 articles · 6mo ago

    DoorDash discloses the breach and notifies impacted users

    Initial Disclosure

    DoorDash began emailing impacted users about the cybersecurity incident, confirmed that personal information was affected, and said it had deployed additional security enhancements, added employee training, brought in a cybersecurity forensic firm, and notified law enforcement while the investigation continued.

    Show sources
    Open in new tab