The online delivery platform DoorDash has confirmed a data breach that may have affected customers, drivers, and merchants in South Dakota, including those in Rapid City and other communities across the state.
The breach, which occurred in late October 2025, was the result of a social engineering attack that compromised an employee’s credentials. According to DoorDash, the unauthorized access exposed personal information such as names, phone numbers, email addresses, and delivery addresses.
While the company says no financial data or Social Security numbers were accessed, South Dakota residents who use the platform are urged to monitor their accounts and change their passwords as a precaution.
DoorDash stated it acted quickly to contain the breach and has launched an internal investigation. The company has also notified law enforcement and is working with cybersecurity experts to strengthen its defenses.
South Dakotans affected by the breach should have received an email notification from DoorDash. The company has not released a breakdown of how many users in the state were impacted.
The South Dakota Attorney General’s Office has not yet issued a formal statement, but residents concerned about identity theft are encouraged to contact the state’s Consumer Protection Division or visit consumer.sd.gov for resources.
If you believe your information may have been compromised, consider enabling two-factor authentication on your DoorDash account and monitoring your credit reports for unusual activity.
Comments