LOS ANGELES (CBSLA) — A privacy breach involving millions of DoorDash customers may have compromised user data including names, phone numbers and even partial credit card numbers, the company announced Thursday.

Emails sent to affected DoorDash users revealed an “unauthorized third party” accessed the mobile delivery company’s user data back on May 4. The company said approximately 4.9 million customers, drivers and merchants who joined the app on or before April 5, 2018, were affected.

READ MORE: Santa Monica Protestors Fighting Planned Demolition Of Several Historic High School Campus Buildings

According to the email, profile information including names, email addresses, delivery addresses, order history, phone numbers, “hashed” passwords, and for some users, the last four digits of consumer payment cards.

Doordash added that full credit card information was not accessed, meaning the data “is not sufficient to make fraudulent charges on your payment card.”

READ MORE: Tournament Of Roses Foundation And LA County Sheriff's Department Host Drive-Thru Food Giveaway In Pasadena

The company says it immediately blocked the unauthorized user and are working to improve security protocols.

In the meantime, users were encouraged to change their account passwords.

“We do not believe that user passwords have been compromised, but out of an abundance of caution, we are encouraging all of those affected to reset their passwords to one that is unique to DoorDash,” the company said in a statement.

MORE NEWS: CHP Closes Both Directions Of 170 Freeway At Burbank Boulevard Due To Man Threatening To Leap Off Overpass

Users can get more info on the DoorDash site or via a dedicated call center available 24 hours a day at (855) 646-4683.