> DoorDash notes that the exposed info on its own would not be enough to make a charge on an account.
But, is more than enough info to be useful in trying to social engineer access to a user's accounts elsewhere.
https://www.theregister.co.uk/2019/09/26/doordash_data_loss/ via @theregister