As reported by BuzzFeed News on July 23, 2020:
The personal information of what could be hundreds of thousands of Instacart customers is being sold on the dark web. This data includes names, the last four digits of credit card numbers, and order histories, and appears to have affected customers who used the grocery delivery service as recently as yesterday.
As of Wednesday, sellers in two dark web stores were offering information from what appeared to be 278,531 accounts, although some of those may be duplicates or not genuine. As of April, Instacart had “millions of customers across the US and Canada,” according to a company spokesperson.
The company denied there had been a breach of its data.
“We are not aware of any data breach at this time. We take data protection and privacy very seriously,” an Instacart spokesperson told BuzzFeed News. “Outside of the Instacart platform, attackers may target individuals using phishing or credential stuffing techniques. In instances where we believe a customer’s account may have been compromised through an external phishing scam outside of the Instacart platform or other action, we proactively communicate to our customers to auto-force them to update their password.”
The source of the information, which also included email addresses and shopping data, was unknown, but appeared to have been uploaded from at least June until today.
Sauder Schelkopf is a nationally recognized class action and personal injury law firm. The firm’s partners currently serve as court appointed lead counsel in courts across the country and have been selected by the National Trial Lawyers Association as some of the Top 100 Trial Lawyers in Pennsylvania since 2012. The attorneys at Sauder Schelkopf have recovered over $500 million on behalf of their clients and class members.
We Want to Hear from You
You can confidentially contact the lawyers at Sauder Schelkopf by filling out the form on this page or calling 888.711.9975