Instacart is reportedly the victim of a data breach that has customers’ info being sold online.
Here’s what to know about the possible data breach.
- Reports claim that customer information from 278,531 Instacart accounts is being sold online.
- That includes names, order histories, the last four digits of credit and debit card numbers, as well as email addresses.
- The reports say that this information is up for sale on the dark web for about $2 per account.
- Sale data in the Instacart breach goes as far back June and includes orders made as late as Wednesday.
- Instacart is denying that it has been the target of a data breach.
- Even so, the grocery delivery service is temporarily suspending affected accounts and forcing password resets.
- Instacart instead believes that the accounts are from customers that have been targeted in phishing attacks or similar scams.
- The company is continuing to investigate the incident.
Here’s an official statement from Instacart to USA Today regarding the data breach reports.
“We take data protection and privacy very seriously. We have a dedicated security team as well as multiple layers of security measures across common vectors designed to protect the integrity of all user accounts.”
While an Instacart data breach may not have happened, it does serve as a reminder for users to take care of their information. An easy way to protect information online is to use different passwords for different services. Setting up two-factor authentication is another great option when it’s available.
As of this writing, William White did not hold a position in any of the aforementioned securities.